Evidence of a new bit of Mac malware has surfaced and it is taking the form of a trojan horse that disguises itself as the Flash installer, reports Intego. The security company reports that it has seen only one example of the malware so far, so don’t panic.
The malware, called flashback.A, is transmitted by using a displaying a ‘Flash must be installed’ message when Mac users visit a site. When the link is clicked, they get the fake ‘Install Flash Player’ package which installs the trojan horse. The malware injects code which connects to a remote server and sends information out to a sever including the infected machine’s MAC address.
It’s not clear what the purpose of the malware is at the moment but it is safe to say that you’re not going to want it installed.
Because Flash does not come pre-installed on any new Macs, this could become an issue if it gets widespread. The instance of those needing to install flash themselves will be much higher than previously.
The main ways to protect against Flashback are never to install Flash from anywhere but Adobe’s site. If a site says you need flash, go there and install it, then visit Adobe’s site to get the official package.
If you’re a Safari user, you should also uncheck ‘Open safe files after downloading’ option under Preferences>General. This will prevent Safari from auto-launching packages like this.
There isn’t much reason to be concerned about this bit of malware besides to be generally careful about what strange apps you install off of random sites, you know, as usual.