Apple acknowledges MacDefender scareware; new variant installs without need for password
Apple (NASDAQ: AAPL) has finally broken its silence on how some of its users have been infected by a particularly ingenious piece of malware that masquerades as antivirus software (a type of malware also known as scareware). In a support document called "How to avoid or remove Mac Defender malware" dated May 24, Apple made its first public acknowledgement of the issue.
Apple noted that "This 'anti-virus' software is malware (i.e. malicious software). Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes." The company also promised to deliver a Mac OS X update "in the coming days" to automatically find and remove the malware.
We first wrote about the MacDefender scareware a week ago, highlighting reports from sites such as Ars Technica and ZDNet, which discovered that Apple had told its support reps to ignore MacDefender. This led me to question whether Apple has what it takes to tackle malware. In the meantime, though, a new variant of MacDefender has appeared that installs itself without prompting for a password. It is unclear whether this new version is what forced Apple into action, or whether this more dangerous variant came after publication of the support document.
Separately, an online poll at Computerworld that asked whether the appearance and spread of MacDefender have diminished the Mac's "security luster" found more than 46 percent of users voting for "The thrill of no antivirus is gone for me." Out of the roughly 1,700 respondents at the time of my writing, another 31 percent profess support for the Mac, which they deem to be "light years ahead on AV." The final 22 percent concede that they felt let down by Apple's response time on the matter.