Site icon

Intego: Malware masquerades as Flash installer

On Monday, security company Intego warned Mac users of a new Trojan horse that masquerades as a Flash Player installation package for OS X Lion.

Mac OS X Server 10.7 (Lion) Server Complete Coverage »

Pricing

Latest Price: $49.99

Get it

Intego reported that the Flashback malware is available on some sites that offer a link or icon to install Flash Player; Lion users may be vulnerable to the scam because the operating system doesn’t automatically include Flash. If users do click on the malicious link in Safari—launching the Mac OS X Installer—the software deactivates some security code, then deletes the original installation package. The malware then sends information about the infected Mac back to a remote server. Intego analysts are still investigating Flashback’s purposes.

Protecting your Mac from this Flashback is relatively easy: Only download Flash from Adobe.com.

Monday’s announcement is the second Trojan horse warning to Mac users in the last week. On Friday, security firm F-Secure warned against Trojan-Dropper:OSX/Revir.A, which appears as a Chinese-language PDF; open it up, and a backdoor connection to a remote server is made. 

As Macworld’s Serenity Caldwell noted after Friday’s warning about the PDF malware, one way for Mac users—particularly those who use Safari—to avoid a problem with Trojan horse malware is to uncheck Safari’s Open ‘Safe’ Files After Downloading option (Safari – Preferences – General); then, as long as you practice common sense computing, you should be safe from most malicious attacks. You should also be sure to keep your OS X malware definitions up to date.

Hi Tech Crime Solutions

Article source: http://www.macworld.com/article/162496/2011/09/intego_malware_masquerades_as_flash_installer.html

View full post on National Cyber Security » Virus/Malware/Worms

Exit mobile version