Intego (http://www.intego.com) says it has discovered a rogue anti-malware program called MACDefender, which attacks Macs via SEO poisoning attacks.
The file is decompressed, and the installer it contains launches presenting a user with a set-up installer screen. If the user continues through the installation process, and enters an administrator’s password, the software will be installed.
“It is important that users not continue with any unexpected installation of this type. Intego VirusBarrier X6′s malware definitions will be updated today, and Intego will be publishing a security memo when we have more information about this malware,” says Intego. “For now, the threat is low, but users should be careful not to install software when installers open unexpectedly.”