You may recall the Flashback.A OS X trojan that Apple patched last month. The virus disguised itself as the official Adobe Flash Player installer and connected to an unknown server to secretly download and run unsigned code.
According to F-Secure, the Flashback trojan is back again in a new variant that’s capable of disabling Apple’s anti-malware tool from auto-updating.
Flashback.C disables Apple’s native anti-malware tool, called XProtect, from receiving updates from Apple that help OS X detect and destroy malware. Not only does this particularly nasty behavior keep Apple from detecting the trojan’s existence, but it also leaves the floodgates open for other future malware attacks on a compromised system.
The reason that FlashBack exists is currently unknown. All we know is that the trojan connects to an unauthorized host and downloads/runs malicious code without the user’s consent.
While we wait for Apple to release an update to combat this new variant of Flashback, it’s important for users to only download Flash Player from trusted sources (such as Apple or Adobe). It’s never wise to install programs from an unverified source, especially when they require an administrative password to run.
(via MacTrast)
Alex Heath is a journalist who works for Tech Insider. He’s the former co-host of The CultCast. He has been quoted by the likes of the BBC, KRON 4 News, and books like “ICONIC: A Photographic Tribute to Apple Innovation.” He lives in Lexington, Kentucky. If you want to pitch a story, share a tip, or just get in touch, additional contact information is available on his personal site. Follow him on Twitter.
5 responses to “New Flashback OS X Trojan is in the Wild, And It Can Kill OS X’s Anti-Malware [Scams]”
that’s why little snitch will make this its’ bitch! if you don’t already own a copy of little snitch – install it and clock block all this nonsense!
Little snitch is a little savior. love it!
This company is a 100% Apple company and they are always first to find Apple Security issues. http://www.intego.com