The Mac Defender malware that was first spotted around three weeks ago continues to spread. Mac Defender is actually a very simple trojan. It disguises itself as an antivirus and warns users that their system has been infected. To remove the infection, it asks users for user permission and once it gets the permission, it installs this malwares but continues to disguise itself as an antivirus. These is a very common attack mechanism on Windows, but on Mac, users had been caught flat footed.
We are now into the third week since the discovery of the spread of this malware and surprisingly Apple has not made any announcement regarding the problem. While Apple continues its policy of turning a blind eye the problem, it seems like the problem of Mac Defender is continuing unabated. According to some reports, around 20-25% of the calls to AppleCare is about Mac Defender. The number is certainly less than what it was a few weeks ago, but it is still a very big number.
The worst part about this whole episode has been Apple’s response – or rather the lack of it. Not only has Apple not made any official statements about this – it has also reportedly told the AppleCare representatives not to help with customers with the removal of the malware. This is a very strange decision from a company which places so much emphasis on the user experience.
According to documents in unearthed by ZdNet, AppleCare representatives are prohibited from telling the customer any of the steps required to remove Mac Defender.
- You cannot show the customer how to force quit Safari on a Mac Defender call
- You cannot show the customer how to remove from the Login items.
- You cannot show the customer how to stop the process of Mac Defender in their Activity Monitor.
- You cannot refer the customer to ANY forums or discussions boards for resolution (this includes the Apple.com forums)
The only thing that Apple allows the AppleCare representatives to do is to suggest some anti-virus solutions and direct users to the Apple Store or Apple Online Store.
The fact that Apple has not officially made any announcement and are prohibiting AppleCare from helping users should outrage many. Of course, it is not Apple’s fault that the malware is infecting thousands of Macs. No one can really build a completely secure operating system for everyday users and just like Windows, Macs are also vulnerable. Many Apple fans however vehemently denies that Macs can get malwares. That creates a sense of false security which in turn makes Mac an easy target. The very least Apple can do for its users right now is to acknowledge that Macs too are vulnerable to malwares and publish the method to remove Mac Defender.