On Monday, security company Intego warned Mac users of a new Trojan horse that masquerades as a Flash Player installation package for OS X Lion.
Intego reported that the Flashback malware is available on some sites that offer a link or icon to install Flash Player; Lion users may be vulnerable to the scam because the operating system doesn't automatically include Flash.
If users do click on the malicious link in Safari--launching the Mac OS X Installer--the software deactivates some security code, then deletes the original installation package. The malware then sends information about the infected Mac back to a remote server. Intego analysts are still investigating Flashback's purposes.
Protecting your Mac from this Flashback is relatively easy: Only download Flash from Adobe.com.
Monday's announcement is the second Trojan horse warning to Mac users in the last week. On Friday, security firm F-Secure warned against Trojan-Dropper:OSX/Revir.A, which appears as a Chinese-language PDF; open it up, and a backdoor connection to a remote server is made.
As Macworld's Serenity Caldwell noted after Friday's warning about the PDF malware, one way for Mac users--particularly those who use Safari--to avoid a problem with Trojan horse malware is to uncheck Safari's Open 'Safe' Files After Downloading option (Safari -> Preferences -> General); then, as long as you practice common sense computing, you should be safe from most malicious attacks. You should also be sure to keep your OS X malware definitions up to date.
Contact Us
Digg
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Click here for the latest reader comments