“Apple is actively conducting an internal investigation into the Mac Defender malware attack,” Ed Bott reports for ZDNet. “An internal document with a Last Modified date of Monday, May 16, 2011 notes that this is an ‘Issue/Investigation In Progress.’ The document [see full article] provides specific instructions for support personnel to follow when dealing with a customer who has called AppleCare to request help with this specific attack.”
“There are two different resolution paths, depending on whether the customer says Mac Defender / Mac Security has or has not been installed. According to this document, if the caller says he or she has not installed the software, the support rep should ‘suggest they quit the installer and delete the software immediately,'” Bott reports. “That is followed by this disclaimer: ‘AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer’s Mac is infected or not.”
Bott reports, “If the software is already installed, support personnel are instructed to make sure all security updates have been installed using Software Update. They are then to direct the customer to the ‘What is Malware?’ Help document using Finder. The final step is clear: ‘Explain that Apple does not make recommendations for specific software to assist in removing malware. The customer can be directed to the Apple Online Store and the Mac App Store for antivirus software options.'”
Full article here.
MacDailyNews Take: If Microsoft apologist Bott devoted his entire life to spending as much time detailing each individual Windows trojan as he has this one, he’d die of old age before he finished covering 1% of them.
Let’s give Apple a chance to investigate and, as always, here’s our usual reminder for Mac users and anyone who’s trying to use any other platform: Do not download and authorize the installation of applications (Trojans) from untrusted sources. No OS can protect users from themselves (or we wouldn’t be able to install any software). Those who grant attackers access to their Macs, should not be surprised to find their Macs are compromised.
Is Mac under a virus attack? No. – May 4, 2011
Intego: MACDefender rogue anti-malware program attacks Macs via SEO poisoning – May 2, 2011