Trojan variation disables Mac malware protection
Researchers from F-Secure warn that a variant on a trojan discovered in September, which masquerades as an Adobe Flash Player installer, now exists and is capable of disabling OS X's built-in malware protection.
OSX/Flashback.C disables the auto-updater component of XProtect, which means the system's built-in anti-malware application no longer looks for updates to its malware definitions. This essentially holds the door open for future malware to invade the system unimpeded.
F-Secure provides instructions for removing OSX/Flashback.C if your system has already been compromised. For the truly paranoid, you can also bypass the auto-update process and force your Mac to update its malware definitions manually.
Since OS X malware authors seem to be employing fake Flash Player installers as a delivery vector, it's worth mentioning that you should only download Flash Player from trusted sources. Adobe's website is a good place to start. You could also remove the plug-in version of Flash Player altogether, essentially zeroing out your risk of being exposed to the OSX/Flashback trojan variants; the Google Chrome browser includes a bundled Flash Player if you need to view Flash content.
[Hat tip to Ars Technica]
Subscribe to Newsletter
Software Updatesmore updates
- Fantastical 2.1 for iOS adds new snooze, search and notification features
- ExpanDrive 4, more services and faster sync
- Apple adds iTunes Extras to Apple TV
- Spotify updates with new iPhone controls in time for summer BBQs
- iTunes U update will bring course creation and student discussion to iPad app
- Dropbox for iOS update adds new setup and file management options