Mac Trojan Impersonates a Flash Player Installer
Mac Trojan Impersonates a Flash Player Installer
Posted 09/28/2011 at 5:25am
| by Paul Lilly
10
Comments
Print
We've always known that Macs are susceptible to malware, but without a significant portion of market share, why should anyone bother? Now that numbers are up, Mac users are finding out that their platform of choice is also vulnerable, and it's not just Windows users who have to be on the lookout. The latest threat eating away at Apple PCs is a trojan horse that tries to dupe users into thinking it's a harmless Flash Player installer.
It's called Flashback (OSX/flashback.A), and though it's been found in the wild, Mac security software provider Intego considers it a low risk threat. That's mainly because there's only been one report of Flashback fooling anyone. Nevertheless, it "has some disturbing actions."
Certain websites contain a link or an icon to download and install the fake Flash Player, and since Max OS X Lion doesn't include a Flash Player, it's easy to see how something like this could dupe users. Once installed, the Flashback trojan gets to work disabling various network security software, installs a dynamic loader library and auto-launch code, and connects to a remote server where it sends information about the infected machine.
This latest threat to the Mac ecosystem comes right on the heels of another Mac trojan masquerading as a PDF file. Security firm F-Secure says that one is detected as Trojan-Dropper:OSX/Revier.A and "may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a '.pdf.exe' extension and an accompanying PDF icon." Once infected, it installs a backdoor in the background.
Now stop laughing at your Mac loving buddy who claims his platform is impervious to malware and go update your own AV software for your Windows machine. Linux users go ahead and stand pat, hardly anyone knows you're there.
More like this
Engelsstaub
September 28, 2011 at 3:22pm
I'm not trying to contradict, but 10% or whatever seems plenty of marketshare to target IMO. While it may not be as worthwile of a target as the Widows-base (businesses here especially) it stlll seems significant enough.
The thing is it doesn't matter what ones OS is if they can duped into installing what is essentiallly a program. The type of people who read mags like MPC are the least likely to get "infections" regardless of the fact that nearly all are using Windows (the least secure due to marketshare or whatever.) 99.9% of you can't be tricked into clicking on shit.
Unix can save no one from their own ignorance. Apple's pretty good about squashing security holes, as is Microsoft. I don't think either company hires stupid people when it comes to stuff like that. I like how MS addresses its own security with MSE. They've essentially told their base "you don't need to pay someone else to protect your computer. When you buy our OS we've got you covered to a reasonable extent."
Being a user of both platforms I have to say from my own personal experience that AV on Mac OS is pretty useless right now. I have ESET on both my PC and my Mac. It blocks all kinds of crap on my PC (expected) but has never found or stopped anything on the Mac. It's a great AV solution but I'm honestly considering not renewing for the Mac (or just using a free solution.)
In 2006 Apple jabbed at MS in their Get a Mac commercials for the PC's susceptibility to viruses. Dumb users always parroted some crap about how Macs can not get a virus but I've never seen Apple make such a claim. As early as 2008 Apple posted a knowledge base article encouraging the use of AV software. They fell short of saying that it's necessary but encouraged it nevertheless. I've always seen this as sort of a vindication that many Mac users are not "sheep" or whatever. Many obviously don't listen when even Steve says they should get AV. They are just computer-stupid, as are all of my family on Win PCs who I have to constantly provide free tech support and virus removal to. ;)
bling581
September 28, 2011 at 8:48am
My sister just bought a Mac laptop and said the guy at Best Buy told her and her fiance that you don't need any anti-virus software if you own a Mac. They don't get viruses. If there was ever a moment that I was ashamed that she was family, this was it. (jk)
I set her straight on the Apple myths and to never listen to Best Buy employees.
Caboose
September 28, 2011 at 6:34am
Dear Mac users;
People in glass houses shouldn't throw stones.
Sincerely
Windows users.
Archangel1976
September 28, 2011 at 11:32am
It's just funny because it's all part of the "Myth of Mac".
That it's safe, secure, more intuitive, will transform you into an intelligent and likeable person, will bake you cookies......
My experience? Between Apple's operating systems, Microsoft's, and Linux, all three are viable. Apple's just the obnoxious kid standing on the corner spouting off about how awesome they are and embracing their own narcissistic ideas.
paladaxar
September 28, 2011 at 9:02am
Shouldn't that be "no one should throw stones"?
I mean, unless you're trapped in a glass house and can't get out. Then I guess it would be an appropriate time to throw stones if you had some.
So maybe it should be "only people in glass houses should throw stones"
:)
blkpanthr
September 29, 2011 at 12:18pm
Thats actually a misinterpretation.
the actual full saying is "People who LIVE in glass houses, shouldnt throw stones"
implying that if you live in a glass house, its not a good idea to throw stones at others as they may throw one back and break your house.
but people just shorten it.
and yes, i am being funny...lol
Connect with MaximumPC
Featured Content
We introduce Intel's latest class of tablet killers and review 4 of the first Ultra...
This month's issue
Feature
11 Hardware Hacks
Feature
Overclock Your CPU
How-To
Supercharge Your Smartphone
Build It
A Powerful $830 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: HUD-Sporting "Google Glasses" May Hit Streets This Year http://t.co/TDXjJowZ2 hours 42 min ago
- maximumpc: Nvidia Releases WHQL-Certified 295.73 GeForce Drivers http://t.co/NVMWruHO4 hours 15 min ago
- maximumpc: http://t.co/BVVfRA3B4 hours 16 min ago
