New Mac Trojan Pretends To Be Flash, Tricking Users To Install Fake Flash

In case you haven’t heard it yet, Mac users are now ripe to be targeted by a new malware known as Flashback which relies on users who don’t yet have Flash on their Macs.  This trojan horse tricks Mac users to download the fake Flash installer and install it onto their Mac systems.  Mac users can also be infected by this fake Flash installer by visiting a malicious link (i.e., website).  Once Flashback trojan is on a Mac system, it will deactivate security software, inject malicious codes into Mac applications, and sending users’ information back to the malware owner (i.e., hackers).

I can imagine hackers come up with an attractive malicious websites such as a fan website for a very sexy and famous movie star, and then promise some type of pornographic images belong to such movie star if a user clicks on a certain link or installs the fake Flash (i.e., Flashback).  Of course, the hacker can use a trick where it checks to see if a user has already had Flash.  If a Mac user has already had Flash on his/her system, hacker can preprogram the website to show something else more attractive so a user will click on the malicious link to acquire the trojan anyway.  If a Mac user isn’t yet installed Flash on his/her Mac, then the preprogramming website can maliciously present the fake Flash so the user can install it.  I also don’t see why not hackers won’t go as far as sending malicious web links in emails, instant messengers, and so on to infect Mac users with Flashback trojan.

Basically, I advise one not to install Flash when a strange website wants one to do so.  One can always visit the official website of Adobe to install Flash.  Also, one can visit YouTube to acquire a legitimate Flash link, because YouTube will let one knows if one has Flash or not and point one to a legitimate Flash link so one can obtain Flash this way.

Flash may not be necessary as the world wide web moving forward in days to come.  Why?  HTML5 has now become ever more popular.  Many big web services such as Google has now begin concentrating on producing HTML5 web applications.  For an instance, users who don’t have Flash can still view YouTube videos by using a compatible browsers that support HTML5, because Google has programmed HTML5 to perform similar video functions as Flash for YouTube.

In conclusion, one needs not to install Flash and just use HTML5 in replacement for Flash, therefore one can stay away from this Flashback trojan. Flashback trojan can still infect users who click on malicious web links.  So, it’s important for users not to open up strange web links for now.  Hopefully, Apple will release some kind of fix to allow users to be able to actively protect themselves against the mechanics of Flashback trojan.

Source:  http://arstechnica.com/apple/news/2011/09/mac-trojan-pretends-to-be-flash-player-installer-to-get-in-the-door.ars?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+
arstechnica%2Findex+%28Ars+Technica+-+Featured+Content%29

About these ads

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 951 other followers

%d bloggers like this: