Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
Mac Newsforums, a part of the
There is a new trojan horse for Macintosh. Be very careful what you enter your password for. Another trojan has been unleashed onto the internet that affects Mac users. The...
10-19-2011, 04:29 PM #1
New Macintosh Trojan – Disables Apple Anti-Malware
There is a new trojan horse for Macintosh. Be very careful what you enter your password for.
Another trojan has been unleashed onto the internet that affects Mac users. The name is Flashback.C. The trojan will execute under normal circumstances as when you download a .dmg file and run it. It will disguise itself as an Adobe Flash Player installation. Once it prompts you with your password, you better make sure that you downloaded the file from Adobe's website yourself, otherwise, close it immediately and eject the image and delete the disk image file (.dmg). I never recommend installing any updates automatically because files in your system can be tricked into downloading from inconspicuous sources (we here at modmyi know just how easy it is to trick a server – we do it with Cydia all the time). When installing an update, I recommend only downloading directly from the legitimate site itself. If you are aware that there is an Adobe Flash Player update, just go to Adobe's site and download the .dmg file from them directly, then install it over what you have already. If you need a link, then download Adobe Flash Player from here, and don't download it from anywhere else. This will ensure your security – or at least more so than just trusting a random popup that says you have an Adobe Flash Player update.
This specific trojan horse, once installed, will wipe out files necessary for the malware definition updating process to run properly. This will leave your Mac vulnerable to malware. Again, I highlight the word 'malware' because Macs are armed with built in protection from malware which is anti-virus grade protection from malware. Malware only. To date, there has never been a successful virus launch for Mac OS X. Malware patches are offered by Apple regularly, and Trojan Horses occur maybe once or twice a year at best. Worms for Mac OS X are very rare. If you insist on saying that they're all the same and that Mac OS X has indeed had viruses – you can read about the differences here. Apple swiftly deals a lethal blow to many of these security threats and the Mac continues to act as though nothing ever happened. When referring to anything that can do harm to your computer, remember that infections have categories and that just because what it does is bad doesn't make it a virus.
Mac OS X Snow Leopard and Mac OS X Lion operate on the same security channel, getting updates from the same server with the same files. This means that anything that affects one operating system will affect the other. If you have the application LittleSnitch installed on your Mac, Flashback.C will automatically self-terminate itself before it does its malicious deed.
Again, the best way to fight this new infection is to be aware of everything that is being downloaded into your computer and to understand its source. If you believe that you might have been infected by this trojan, or if you are just a worry wart that wants to make sure they haven't contracted it by mistake, F-Secure has instructions here on how to look for and remove Flashback.C. Good luck and stay safe!
Do you know anyone who's been infected by Flashback.C? Share below!
Last edited by Anthony Bouchard; 10-19-2011 at 08:57 PM.
10-19-2011, 04:37 PM #2
I am sure there are more and more out there that we'll be seeing in the future.
10-19-2011, 04:44 PM #3
How boring and sad must someones life be to make a virus/trojan to damage other computers?
I mean seriously, do something useful in your life instead!
10-19-2011, 04:54 PM #4
executable file? I didn't think those files would open on a Mac, even if I wanted them to. Please someone shed some light on this...
10-19-2011, 04:58 PM #5
If you are running the new version of flash (11) it no longer updates though the installer. It has a section in system preferences that is used to update.
10-19-2011, 05:01 PM #6
10-19-2011, 05:01 PM #7
10-19-2011, 05:02 PM #8
.app is an application.
.dmg is a disk image (a notion Windows users have trouble grasping)
.sea is a self extracting archive which is like an app because it doesn't require another app to extract the compressed file it contains.
I rarely see .sea anymore because developers release their apps on dmg's or they are compressed as plain stuffit archives or gz.
Last edited by Broomhead; 10-19-2011 at 05:04 PM.
10-19-2011, 05:02 PM #9
10-19-2011, 05:02 PM #10
10-19-2011, 05:04 PM #11
10-19-2011, 05:04 PM #12
10-19-2011, 05:05 PM #13
10-19-2011, 05:10 PM #14
10-19-2011, 05:12 PM #15
10-19-2011, 05:13 PM #16
- Join Date
- Feb 2011
- Thanked 2 Times in 1 Post
I thought I infected my MBP with it since the Adobe Flash wanted to update a few times. I thought it was strange at the time but updated anyway. When I read this post I figured I infected my computer and went to look for the string of code in the .plist for Safari but couldn't find it. Does that mean I'm not infected or what? Also, I installed LittleSnitch, which if I do have the trojan it would be too late anyhow, but now I can't quit or uninstall it. Amidoinitrong? :no idea:
EDIT: Found the uninstaller option in the .dmg but still unsure if I'm infected.
Last edited by AfterMercyFM; 10-19-2011 at 05:17 PM.
10-19-2011, 05:16 PM #17Incorrect
This is a mess. And it is all on Apple.
10-19-2011, 05:17 PM #18
but but mac's dont get viruses!! i was lied to!!! lol proves that any OS has vulnerabilities, and the dumber the user the more likely to get affected..
10-19-2011, 05:18 PM #19
10-19-2011, 05:19 PM #20