+ Reply
Page 1 of 3 123 LastLast
Results 1 to 20 of 47

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: New Macintosh Trojan Disables Apple Anti-Malware

is a discussion within the

Mac News

forums, a part of the

General Apple/Mac

section;
There is a new trojan horse for Macintosh. Be very careful what you enter your password for. Another trojan has been unleashed onto the internet that affects Mac users. The
...
  1. #1
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,628
    Thanks
    194
    Thanked 960 Times in 703 Posts

    Default New Macintosh Trojan Disables Apple Anti-Malware

    There is a new trojan horse for Macintosh. Be very careful what you enter your password for.

    Another trojan has been unleashed onto the internet that affects Mac users. The name is Flashback.C. The trojan will execute under normal circumstances as when you download a .dmg file and run it. It will disguise itself as an Adobe Flash Player installation. Once it prompts you with your password, you better make sure that you downloaded the file from Adobe's website yourself, otherwise, close it immediately and eject the image and delete the disk image file (.dmg). I never recommend installing any updates automatically because files in your system can be tricked into downloading from inconspicuous sources (we here at modmyi know just how easy it is to trick a server – we do it with Cydia all the time). When installing an update, I recommend only downloading directly from the legitimate site itself. If you are aware that there is an Adobe Flash Player update, just go to Adobe's site and download the .dmg file from them directly, then install it over what you have already. If you need a link, then download Adobe Flash Player from here, and don't download it from anywhere else. This will ensure your security – or at least more so than just trusting a random popup that says you have an Adobe Flash Player update.

    This specific trojan horse, once installed, will wipe out files necessary for the malware definition updating process to run properly. This will leave your Mac vulnerable to malware. Again, I highlight the word 'malware' because Macs are armed with built in protection from malware which is anti-virus grade protection from malware. Malware only. To date, there has never been a successful virus launch for Mac OS X. Malware patches are offered by Apple regularly, and Trojan Horses occur maybe once or twice a year at best. Worms for Mac OS X are very rare. If you insist on saying that they're all the same and that Mac OS X has indeed had viruses – you can read about the differences here. Apple swiftly deals a lethal blow to many of these security threats and the Mac continues to act as though nothing ever happened. When referring to anything that can do harm to your computer, remember that infections have categories and that just because what it does is bad doesn't make it a virus.

    Mac OS X Snow Leopard and Mac OS X Lion operate on the same security channel, getting updates from the same server with the same files. This means that anything that affects one operating system will affect the other. If you have the application LittleSnitch installed on your Mac, Flashback.C will automatically self-terminate itself before it does its malicious deed.

    Again, the best way to fight this new infection is to be aware of everything that is being downloaded into your computer and to understand its source. If you believe that you might have been infected by this trojan, or if you are just a worry wart that wants to make sure they haven't contracted it by mistake, F-Secure has instructions here on how to look for and remove Flashback.C. Good luck and stay safe!

    Do you know anyone who's been infected by Flashback.C? Share below!

    Sources: Macworld
    Last edited by Anthony Bouchard; 10-19-2011 at 08:57 PM.

  2. #2
    iPhone? More like MyPhone maddawg05's Avatar
    Join Date
    Jan 2009
    Location
    Orlando
    Posts
    241
    Thanks
    5
    Thanked 10 Times in 8 Posts

    I am sure there are more and more out there that we'll be seeing in the future.

  3. #3
    Green Apple CustomSS1's Avatar
    Join Date
    May 2011
    Posts
    81
    Thanks
    0
    Thanked 1 Time in 1 Post
    How boring and sad must someones life be to make a virus/trojan to damage other computers?
    I mean seriously, do something useful in your life instead!

  4. #4
    Moderator Admin Broomhead's Avatar
    Join Date
    Sep 2007
    Location
    Outside Chicago IL
    Posts
    17,147
    Thanks
    502
    Thanked 1,717 Times in 1,170 Posts

    executable file? I didn't think those files would open on a Mac, even if I wanted them to. Please someone shed some light on this...

  5. #5
    iPhoneaholic spazturtle's Avatar
    Join Date
    Mar 2009
    Posts
    321
    Thanks
    115
    Thanked 27 Times in 16 Posts

    If you are running the new version of flash (11) it no longer updates though the installer. It has a section in system preferences that is used to update.

  6. #6
    Livin the iPhone Life Stray's Avatar
    Join Date
    Oct 2010
    Location
    You Know...
    Posts
    14,067
    Thanks
    675
    Thanked 1,357 Times in 1,074 Posts

    Quote Originally Posted by Broomhead View Post
    executable file? I didn't think those files would open on a Mac, even if I wanted them to. Please someone shed some light on this...
    .dmg
    Quote Originally Posted by ikesmasher View Post
    that was officially the scariest thing you have ever said str4y.
    Quote Originally Posted by Pancho paco View Post
    Dude T.M.I

  7. #7
    iPhoneaholic spazturtle's Avatar
    Join Date
    Mar 2009
    Posts
    321
    Thanks
    115
    Thanked 27 Times in 16 Posts

    Quote Originally Posted by Broomhead View Post
    executable file? I didn't think those files would open on a Mac, even if I wanted them to. Please someone shed some light on this...
    A executable file is a file that you can run, like an .app or .sh

  8. #8
    Moderator Admin Broomhead's Avatar
    Join Date
    Sep 2007
    Location
    Outside Chicago IL
    Posts
    17,147
    Thanks
    502
    Thanked 1,717 Times in 1,170 Posts

    Quote Originally Posted by Stray View Post
    .dmg
    executable is .exe

    .app is an application.
    .dmg is a disk image (a notion Windows users have trouble grasping)
    .sea is a self extracting archive which is like an app because it doesn't require another app to extract the compressed file it contains.
    I rarely see .sea anymore because developers release their apps on dmg's or they are compressed as plain stuffit archives or gz.
    Last edited by Broomhead; 10-19-2011 at 05:04 PM.

  9. #9
    iPhoneaholic spazturtle's Avatar
    Join Date
    Mar 2009
    Posts
    321
    Thanks
    115
    Thanked 27 Times in 16 Posts

    Quote Originally Posted by Stray View Post
    .dmg
    .dmgs are disk files not executable files.

  10. #10
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,628
    Thanks
    194
    Thanked 960 Times in 703 Posts

    Quote Originally Posted by Broomhead View Post
    executable file? I didn't think those files would open on a Mac, even if I wanted them to. Please someone shed some light on this...
    I've always referred to .Dmg files as Mac executable files. Do you call them something different?

  11. #11
    iPhoneaholic spazturtle's Avatar
    Join Date
    Mar 2009
    Posts
    321
    Thanks
    115
    Thanked 27 Times in 16 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    I've always referred to .Dmg files as Mac executable files. Do you call them something different?
    Dmgs are not programmes they are virtual disks. An executable file is a file that run, executable means runable, files like .app or .sh are executable files.

  12. #12
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,628
    Thanks
    194
    Thanked 960 Times in 703 Posts

    Quote Originally Posted by spazturtle View Post
    Dmgs are not programmes they are virtual disks. An executable file is a file that run, executable means runable, files like .app or .sh are executable files.
    Thanks, I'll rewrite that portion of the article pronto.

  13. #13
    Moderator Admin Broomhead's Avatar
    Join Date
    Sep 2007
    Location
    Outside Chicago IL
    Posts
    17,147
    Thanks
    502
    Thanked 1,717 Times in 1,170 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    Thanks, I'll rewrite that portion of the article pronto.
    Thank you

  14. #14
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,628
    Thanks
    194
    Thanked 960 Times in 703 Posts

    Quote Originally Posted by Broomhead View Post
    executable is .exe
    .dmg is a disk image (a notion Windows users have trouble grasping)
    Not that I don't grasp the idea; a Mac/Windows user myself, I understand that completely. I refer to them as Mac executable counterparts actually for that exact reason. Windows users will understand the concept better.

  15. #15
    Moderator Admin Broomhead's Avatar
    Join Date
    Sep 2007
    Location
    Outside Chicago IL
    Posts
    17,147
    Thanks
    502
    Thanked 1,717 Times in 1,170 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    Not that I don't grasp the idea; a Mac/Windows user myself, I understand that completely. I refer to them as Mac executable counterparts actually for that exact reason. Windows users will understand the concept better.
    That was not directed at you personally. I had no idea of your operating system

  16. #16
    Green Apple
    Join Date
    Feb 2011
    Posts
    66
    Thanks
    1
    Thanked 2 Times in 1 Post
    I thought I infected my MBP with it since the Adobe Flash wanted to update a few times. I thought it was strange at the time but updated anyway. When I read this post I figured I infected my computer and went to look for the string of code in the .plist for Safari but couldn't find it. Does that mean I'm not infected or what? Also, I installed LittleSnitch, which if I do have the trojan it would be too late anyhow, but now I can't quit or uninstall it. Amidoinitrong? :no idea:

    EDIT: Found the uninstaller option in the .dmg but still unsure if I'm infected.
    Last edited by AfterMercyFM; 10-19-2011 at 05:17 PM.

  17. #17
    What's Jailbreak?
    Join Date
    Jun 2009
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post
    Default Incorrect
    Quote Originally Posted by spazturtle View Post
    If you are running the new version of flash (11) it no longer updates though the installer. It has a section in system preferences that is used to update.
    That is incorrect. The Check Now button in the PrefPane simply sends you to an Adobe downloads page. It (the page) doesn't even bother to sniff your player version and tell you if you need the update or not. Furthermore, up until a few weeks ago, the certificate for the page was wrong and would cause Safari to throw an error dialog.

    This is a mess. And it is all on Apple.

  18. #18
    iPhone? More like MyPhone
    Join Date
    Sep 2010
    Posts
    133
    Thanks
    3
    Thanked 4 Times in 4 Posts

    but but mac's dont get viruses!! i was lied to!!! lol proves that any OS has vulnerabilities, and the dumber the user the more likely to get affected..

  19. #19
    iPhoneaholic duromega's Avatar
    Join Date
    Nov 2008
    Location
    New York
    Posts
    381
    Thanks
    0
    Thanked 10 Times in 10 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    I've always referred to .Dmg files as Mac executable files. Do you call them something different?
    executable or disk image Anthony refereed in the article as a (dmg) when I was reading and saw "executable" I was a little confused but then he specified (dmg) i knew what he was talking about if you have a mac you should know mac os sees the file in other language, here the point is not the file type is to mac users know there is a worm out there I'm gonna be aware and I won't update my Adobe Flash automatically!! Thank you Anthony for the article!





  20. #20
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    6,628
    Thanks
    194
    Thanked 960 Times in 703 Posts

    Quote Originally Posted by AfterMercyFM View Post
    I thought I infected my MBP with it since the Adobe Flash wanted to update a few times. I thought it was strange at the time but updated anyway. When I read this post I figured I infected my computer and went to look for the string of code in the .plist for Safari but couldn't find it. Does that mean I'm not infected or what? Also, I installed LittleSnitch, which if I do have the trojan it would be too late anyhow, but now I can't quit or uninstall it. Amidoinitrong? :no idea:

    EDIT: Found the uninstaller option in the .dmg but still unsure if I'm infected.
    If you can't find the details necessary to remove it then you should be fine.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts