Cyber security company Intego has discovered new malware that disguises itself as a Flash Player. What is most concerning is that it is being distributed via webpages that appear in Google's search results.
Intego has discovered a new Trojan that is specifically designed to circumvent macOS Catalina's security measures - it describes it in its security blog here. A Trojan is a type of malware that pretends to be legitimate software, in this case a Flash Player, and is then installed by the user on their own computer.
MacOS Catalina has a number of precautions to prevent the installation of malware that include verifying that the apps developers are registered with Apple and if they aren’t warning users and making it more difficult to install the program. It’s possible to install such a program but it is necessary to make changes in the system settings to do so.
This particular Trojan is able to bypass these security restrictions because it launches an installation guide that guides the user through the steps necessary to install it.
This newly discovered Trojan is particularly dangerous because it can be found via Google's search results pages, reports AppleInsider.
If, for example, a web users searches for a title of a YouTube video on Google the results that appear can lead the user to a message suggesting that they have an outdated Flash Player and indicating that they can download the current version via a download button. The Trojan is hidden in this file.
How to protect yourself from malware
The simplest protection against malware is to only install software directly from the manufacturer's website. For example, if you want to install Adobe Flash Player, go directly to the Adobe homepage and look for the corresponding entry.
However the best practice is not to use Flash Player at all - it’s completely unnecessary, and the fact that as of 31 December 2020, Adobe (the development of Flash) will be discontinuing the software demonstrates this fact.
MacOS has long been considered one of the most secure operating systems. But in recent years, more and more malware has appeared that targets Apple's operating system. In a recent study Intego discovered that one in ten Mac computers is infected with the so-called "Shlayer" virus. This malware pretends to be a flash player installer and thus gets onto the computer. Read more about the prevalence of viruses on the Mac here.
Intego has money off Mac Internet Security right now if you click here.
Adobe will end support for Adobe Flash on 31 December 2020, which should mean fewer cases of malware being disguised as the Flash Player.
This article originally appeared on Macwelt Translation by Karen Haslam.