Mac Trojan Hides in Fake Adobe Flash Installer
CREDIT: Image composite by SecurityNewsDaily
In a "flash," Mac users can unknowingly download a harmful Trojan.
The Trojan, called "Flashback," has been spotted hiding inside phony Adobe Flash Player installers, and if downloaded, it can wreak havoc on Apple's OS X operating system, according to the security firm Intego, which discovered it.
"If the user proceeds with the installation procedure, the installer for this Trojan horse will deactivate some network security software code," Intego wrote in a blog post. After weakening the Mac's defenses which, depending on the browser, are set to automatically download installation packages Flashback is able to inject malicious code onto infected computers and report the compromised system's media access control (MAC) address, an identifier unique to each computer, back to a remote server.
This new threat comes hot on the heels of "Revir," last week's Mac Trojan , which disguised itself a Chinese-language PDF document about the Pinnacle Islands in order to slip unnoticed into Apple users' systems.
Although Intego said it has received only one report from a victim who accidentally downloaded Flashback, the potential pool of victims remains high, as the Trojan chose a smart host. Mac OS X does not include Adobe Flash Player. That said, Intego believes "some users may be fooled and think this is a real installation link" for the desirable software product.
Stay ahead of this and other Mac-specific computer threats by running anti-virus software built for Apple's operating system. If you browse the Web with Safari, Intego recommends unchecking the "Open Safe files after downloading" in the browser's "General preferences" menu.
A parting bit of advice: Just because you use a Mac does not mean you are invulnerable to cybercrooks and online scammers. New types of sophisticated computer threats have emerged with their sights set on Macs, and it's crucial to recognize that your system, whether it's a laptop, an iPhone or and iPad, is not safe simply by virtue of its maker.