http://www.msnbc.msn.com/id/43101276/ns/technology_and_science-security/
By Matt Liebowitz
Apple's battle against the fast-spreading "MacDefender" Trojan just took a very interesting turn.
According to a May 16 internal memo obtained by ZDNet security researcher Ed Bott, Apple is instructing its AppleCare support representatives to essentially avoid the entire issue of MacDefender, a Trojan that has plagued Mac users for nearly three weeks by posing as legitimate antivirus software and urging users to download it.
"AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer's Mac is infected or not," the memo reads. [Related: Mac Malware Infection Spreading Fast]
If callers say the MacDefender warning has shown up on their computer but they haven't installed it, Apple's policy, the memo outlines, is to direct callers to quit the installer and "delete the software immediately."
However, if a customer has already installed the fraudulent program, AppleCare reps are instructed to "not attempt to remove or uninstall any malware software," and instead direct callers to the Apple Online Store and the Mac App Store to purchase antivirus software.
The memo also instructs AppleCare staff to direct callers to the "What is Malware" document under the help button in the computer's Finder feature.
The memo explicitly orders support staff to, "Explain that Apple does not make recommendations for specific software to assist in removing malware."
This internal memo could frustrate Mac users, a growing number of whom are falling victim to MacDefender, which not only requests passwords and payments to eradicate a nonexisting problem, but also, in some cases, also takes users to porn sites until they comply.
By Matt Liebowitz
Apple's battle against the fast-spreading "MacDefender" Trojan just took a very interesting turn.
According to a May 16 internal memo obtained by ZDNet security researcher Ed Bott, Apple is instructing its AppleCare support representatives to essentially avoid the entire issue of MacDefender, a Trojan that has plagued Mac users for nearly three weeks by posing as legitimate antivirus software and urging users to download it.
"AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer's Mac is infected or not," the memo reads. [Related: Mac Malware Infection Spreading Fast]
If callers say the MacDefender warning has shown up on their computer but they haven't installed it, Apple's policy, the memo outlines, is to direct callers to quit the installer and "delete the software immediately."
However, if a customer has already installed the fraudulent program, AppleCare reps are instructed to "not attempt to remove or uninstall any malware software," and instead direct callers to the Apple Online Store and the Mac App Store to purchase antivirus software.
The memo also instructs AppleCare staff to direct callers to the "What is Malware" document under the help button in the computer's Finder feature.
The memo explicitly orders support staff to, "Explain that Apple does not make recommendations for specific software to assist in removing malware."
This internal memo could frustrate Mac users, a growing number of whom are falling victim to MacDefender, which not only requests passwords and payments to eradicate a nonexisting problem, but also, in some cases, also takes users to porn sites until they comply.
