New malware is circulating on the Internet that infects Mac machines and tries to trick users into giving away their credit card data. According to Intego the malicious app called MacDefender hides on some webpages that use search engine optimization to spam the results of popular searches. On such infected websites users can see animation of a malware scam followed by a pop-up message telling users that their computer is infected. JavaScript on the page then automatically downloads a compressed ZIP file containing the malware.

If Safari browser is set to the "open 'safe' files after downloading" option within the browser's settings, the MacDefender malware installation begins automatically. Otherwise, the user must open the ZIP file and install the app manually.

The main goal of the malware is to scare users there are viruses on their machines and they need to provide their credit card details in order to pay for cleaning their PCs from malicious software.

Intego describes this Mac malware as low risk and not very widespread for now. It's also fairly easy to remove, as The Next Web points out. First, use the Activity Monitor (under Applications > Utilities) to disable anything related to MacDefender. Then, make sure there are no references to the malware app in Library/StartupItems or, in the same place, LaunchAgents and LaunchDaemons. Then, move the MacDefender app from Applications to Trash, and delete the trash. Finally, use Spotlight Search to find and delete any remaining references to the app.

For prevention, Intego recommends its own anti-virus software (of course), but all you really need is common sense. Uncheck the "open 'safe' files after downloading" option in Safari and never, ever install anti-virus software that pops up on some random website, no matter how many viruses it says your computer has.