Apple finally broke its silence on Mac Defender, posting a support document that provides a step-by-step solution to remove the malware. In the same document, Apple also promised to deliver an OS update "that will automatically find and remove Mac Defender malware and its known variants.  The update will also help protect users by providing an explicit warning if they download this malware." Mac Defender masks itself as a legitimate antivirus. Many unsuspecting users were tricked into installing the malware -- which does nothing but pop up fake virus infection notifications and open porn sites randomly, attempting to convince users that their Macs are infected. The malware then offers to clean up the mess for a fee, reaching its ultimate goal to steal the user's credit card information if they fall for it. Apple initially directed employees to stay mum and not assist customers in removing the malware. It seems that Apple was using the "keep quiet until a solid explanation/solution is determined" approach, just like it did with the infamous locationgate. Some argue that Apple should not have responded more than it initially did. Now that the company has addressed this specific case, others wonder if it will do the same whenever a new malware or virus appears on the Mac. Meanwhile, the webmaster of MacDefender.org, which has nothing to do with the malware, is taking the blame from clueless users. On the homepage, he wrote:

This webpage is in no way related to the scareware "MAC Defender", "MAC Protector" or "MAC Security. So please stop sending mails. There is no website for this scareware and of course you can not contact the authors of this application. This webpage is just a personal website and I've been using this nick name for years. This is just scareware named after the already existing PC Defender. If you can not find a removal instruction with Google feel free to contact me (as I always will answer / help with any Mac related stuff). But please stop spamming my inbox with complaints as this is definitely the wrong place! Please have a look at the Intego Security Memo or Sophos blog for more information.

Ed Bott of ZDNet estimates between 60,000 and 125,000 users were affected by the malware, and the number is growing as we speak.