The malware's installer looks legitimate, but this is not what Adobe's official installer looks like.Īdobe's official Flash installer will look like this when run.Īccording to F-Secure, the new Trojan variant (called OSX/Flashback.B) now tries to inject code into areas of the system that require administrative access, such as within Application packages like Safari and Firefox. We have been seeing this for a couple of these packages, and today security companies have found that the latest fake Flash Installer Trojan has undergone another revision.
This Trojan, called OSX/flashback.A, is one of a few new malware attempts on the Mac platform that have surfaced in the past few months (others being a PDF-based malware attack and another fake Flash installer).Īs with any malware attempt, we expect there will be future revisions as the criminals developing the software try to refine their code, meaning new variants are likely to crop up. The Trojan attempts a somewhat complex attack that involves disabling security features and inserting into existing applications code that attempts to send personal information to remote servers.
A few weeks ago Intego discovered a new Trojan horse for OS X that poses as an installer for Adobe Flash.
