14 DAY TRIAL // Apple has finally accepted that there is a malware problem affecting many of its customers and plans to stop it with an upcoming system update.
The problems began earlier this month with a black hat search engine optimization campaign launched by scareware distributors on Google Images.
Such campaigns are common and one can pretty much expect to find rogue links among the top search results for all hot topics at any given time.
However, this time it was different because the cyber crooks also targeted Mac OS X users via a piece of scareware called Mac Defender that was specifically designed for Apple's platform.
Scareware, or rogueware, are terms that refer to fake applications that trick victims into paying for licenses in order to fix fictitious problems on their computer, usually malware infections.
Ironically, for a user base that largely doesn't trust antivirus programs and believes that Macs are malware-free, a lot of people ended up installing Mac Defender.
By extrapolating from tech support call figures related to this issue, ZDNet recently estimated that between 60,000 and 125,000 Mac users were affected by this piece of scareware.
What's worse, Apple apparently prevented its tech support operators from telling users how to remove the malicious program on their own.
However, after the issue got significant press coverage Apple published a knowledge base article of its own, which includes manual removal instructions.
The company makes some mistakes in the attack's description and refers to it as a "phishing scam." While it's true that it relies on social engineering, not all social engineering attacks are phishing.
According to Chester Wisniewski, a senior security advisor at Sophos, a more appropriate description would be a "trojan" attack. "We call this type of an attack a Trojan, referring back to the social engineering trick the ancient Greeks pulled on the Trojans," he explains.
The Apple KB article also contains an important announcement. "In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants," it reads.
This is not unlike what Microsoft currently does with its monthly Malicious Software Removal Tool (MSRT) update. It seems the Cupertino giant might be finally ready to accept that malware is at its doorsteps.
Apple still doesn't explicitly tell users to install an antivirus program, but you probably should. Sophos has a very good and completely free one that protects against Mac Defender.