A new support document surfaced on Apple’s website today reveals the company will release a Mac OS X software update in the next few days (likely a security update) that will automatically find, block and remove the popular Mac Defender malware from infected OS X machines.
A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender “anti-virus” software to solve the issue. This “anti-virus” software is malware (i.e. malicious software). Its ultimate goal is to get the user’s credit card information which may be used for fraudulent purposes. The most common names for this malware are MacDefender, MacProtector and MacSecurity.
In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.
Whilst an internal AppleCare document leaked last week suggested Apple was telling employees not to remove the Mac Defender malware from users’ computers (also telling the same employees to redirect users to the Mac App Store to find proper antivirus software), it appears the company is taking the necessary steps to make sure Mac Defender won’t spread even further – they’re also offering in the same support document updated today a handy removal guide to manually find and delete the malicious application. Mac Defender began spreading quickly in early May, when hundreds of users reported online they discovered a malware-scanning utility on their computers that they did not want to have installed. It turned out Mac Defender still required a manual installation to be activated, though downloads effectively happened without a user’s consent when visiting certain webpages, often linked on Google Image Search. [via]