Watch Out! This Trojan Pretends To Be Adobe Flash To Infect Your Mac

Watch Out! This Trojan Pretends To Be Adobe Flash To Infect Your Mac

There’s loads of reasons not to install Flash on your Mac, from extending your battery life to keeping your system running like greased lightning. If those reasons aren’t good enough for you, though, here’s another one: a new Trojan for Mac is going around that poses as FlashPlayer, and if you’re not careful, installing Flash on a new Mac is all that it could take to infect your system.

F-Secure calls the Trojan Bash/QHost.WB. Here’s how it works:

Once installed, the trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 91.224.160.26, which is located in Netherlands.

The server at the IP address displays a fake webpage designed to appear similar to the legitimate Google site.

Here’s what it looks like in action:

Watch Out! This Trojan Pretends To Be Adobe Flash To Infect Your Mac

Worse, the Trojan actually is programmed to serve pop-up ads, and while no ads are displaying now, the system’s in place, just waiting to go live.

Obviously, if you’re going to install Flash, the only safe way to do so is through Adobe’s official site. Why not try to live without it though? Your computer will thank you.

Related
  • James Winstanley

    How does it fool you into thinking it’s legit?  Popup?  Can you post a screenshot of the lure, please?

  • Alain Galvan

    So much hate of Flash, and now this will only add to the fire. 

    Until Apple or some other company makes something that is as good as Adobe Flash Professional, I don’t see HTML5 really taking over in the Flash Animator/Game Maker side of the world. It’s a new standard, and like all new standards, It takes a big base to get things moving. I’m happy that Apple is supporting this competitor to Flash, but hate only breeds more hate bro. 

    Thank goodness Adobe’s experimenting with HTML5 exports with flash documents. :D

  • Haroon Ghalib

    I guess if there’s mutual respect between apple and adobe, things would not be as bad. Flash player aint that bad, it still has its utility.  I am big apple fan, but where its due you have to give it, i think its more matter of ego clash between Job and Adobe!
    Hope Adobe comes up with something good!

  • GDal

    If a fool installs software from an unknown source when the real source is easily accessed, then the fool deserves the reward.

  • Holystain

    it’s quite a cool idea, but html5 is not as good as i expect it to be some day, so for now i stay with snow leopard and flash :)

  • b3gr33n

    Thanks for the report. It’s a shame it was ruined by a petty lame and cultish attack on Flash. How is Flash going to drain my iMac’s or MacPro’s battery? It certainly is NOT going to affect the machine’s overall performance. These are erroneous statements. But I guess that is to be expected from a cult. 

  • Franklin Escobar

    Another Good reason for not installing flash in your mac xD

  • Datuk Hafifi Zainal Abidin

    yeah, if it can drain my MBP battery, better i uninstall it back. but, is there any effect if i uninstall it back?

  • Tom McGrath

    The only thing that makes me carry on using Flash on my PC is BBC iPlayer really. I hope they start using HTML 5 soon.

  • WVMikeP

    The official Flash from Adobe is a Trojan as far as I’m concerned anyway.  

  • Apple_News

    Check out this great apple blog!

    http://applefanboynews.com/

  • Delon_Holmes

    html5 is taking over. Pandora, youtube, twitter and youporn are adopting html5

  • Apple_News

    Check out this great apple blog!

    http://applefanboynews.com/

  • Stephen Cook

    Yeah, I did. All the stories are clippings from Cult of Mac and MacRumors.

  • Anthony

    Also take a look at Adobe Edge. 

  • b3gr33n

    I have a 2008 MBP and have had Flash on it for years. I like the convenience and have never really had a gripe with it.

  • Cindon83

    THe people who get this virus have to be the same people who get the Amish Email virus and delete their hard drive because the email tells them to. 

  • lsla224
  • CamilloMiller

    Trying to get your trojan into a Mac with an Adobe Flash installer disguise is like an Intelligence Agency sending a sexy lady-spy to a secret convention of homosexual terrorists.

About the author

John BrownleeJohn Brownlee is a Contributing Editor. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his girlfriend and two parakeets. You can follow him here on Twitter.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , |