# Apple support staff instructed not to remove Mac Defender malware



## Glaswegian (Sep 16, 2005)

Apple has instructed support representatives not to remove any malware from the Macs of customers who report falling victim to the recent Mac Defender scam.

Mac Defender is the name of a 'rogueware' program that has been spotted by security experts in recent weeks. It poses as a legitimate security program and advises the user that their Mac is infected by malware, then prompts them to pay money for software to remove the supposed malware.

Documents seen by ZDNet appear to show instructions from Apple to support representatives about how to deal with calls from customers relating to Mac Defender.

If the caller has installed Mac Defender on their system, they are advised to get all of the latest security patches from Software Update. Then, using Finder, they should access the 'What is malware?' help document and go to the Mac App Store to download a legitimate security program.

However, Apple's instructions are clear that no specific program should be recommended. "Explain that Apple does not make recommendations for specific software to assist in removing malware. The customer can be directed to the Apple Online Store and the Mac App Store for antivirus software options," the document reads.

If the caller hasn't downloaded the software, they should be advised to quit the installer and delete the software immediately. "AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer's Mac is infected or not," the document reads.

Earlier this week, ZDNet's Ed Bott revealed that an Apple support representative had told him that the malware situation for Macs was getting worse. "I'm sure it won't be long before we have a lot more of this, a lot harder to get rid of, too," the representative told Bott.


http://news.techworld.com/security/...d-not-to-remove-mac-defender-malware/?olo=rss


----------

