Back to Mobile View

Skip to Content

Apple updates malware definitions to address fake Flash player trojan

by Mike Schramm Aug 12th 2011 at 4:00PM

Apple's updated an entry in the anti-malware files of OS X to lock down a trojan that pretends to be a Flash player installer, but actually hijacks users' search results. The trojan is known as "OSX.QHost.WB.A," and claims to install Flash, but instead redirects Google results to an IP in the Netherlands, which then loads unwanted ads and offsite content along with the fake search results. When the malware was officially discovered, none of the ad servers actually worked, so the malware threat at this time is more of an inconvenience than anything.

Still, Apple apparently doesn't want to take chances -- it's updated the "XProtect.plist" file in OS X with the definition of the trojan. Since an update earlier this year, you don't even need to run Software Update to get this upgrade, as you likely get File Quarantine definitions upgraded daily already. But it's good to know that steps have been taken already to protect your Mac from this malware.



View Tags

Related Stories

Categories

Software Mac OS X

Apple's updated an entry in the anti-malware files of OS X to lock down a trojan that pretends to be a Flash player installer, but...
 

Add a Comment

Sign in »
*0 / 3000 Character Maximum Comment Moderation Enabled. Your comment will appear after it is cleared by an editor.

2 Comments

Filter by:
mguniverse

It seems tricking people into believing their Mac can have a virus is just as effective as infecting a Mac with a virus.

August 12 2011 at 9:44 PM Report abuse rate up rate down Reply
1 reply to mguniverse's comment
puhsitch

To the user who gets tricked, yeah, but trojans are still severely limited by their inability to self-propagate.

August 13 2011 at 11:00 AM Report abuse rate up rate down Reply
Buy an ad here

Tweets

© 2012 AOL Inc. All Rights Reserved.