"Apple's [antivirus] did not detect the new sample," said Peter James, a spokesman for Intego, a French firm that develops Mac security software.
According to James, the new malware file is identified as "mdinstall.pkg" and if installed, plants the phony MacGuard software on the victim's Mac.
Intego confirmed what reported earlier Wednesday, that the scammers had created a new version that wasn't detected by Apple's new defenses.
"This isn't surprising, that there's a new variant out almost as soon as Apple released its security update Tuesday," said James. "[The attackers] are following the news, they're efficient."
On Tuesday, for Mac OS X 10.6, aka Snow Leopard, that warns users that they've downloaded fake Mac security software and scrubs machines already infected with the scareware.