# The OSX Malware Goons are at it Again !



## Eeyore (Jul 16, 2009)

The folks at MacRumors have let forum members know that a new Trojan was released into the wild. It disguises itself as a new update to your Flash Player while the user is browsing the internet. This new Trojan is designed to disable Apple's auto-updating trojan removal tool that keeps these nasties at bay. The fake Adobe Flash update and installation looks very convincing to the average user.

http://forums.macrumors.com/showpost.php?p=13668665&postcount=1

For those of us on an iMac or MacBook computers, remember that you *never* install when a pop-up suddenly appears while you are on the internet browsing ! To determine if your Flash Player _really_ needs to be updated, please do the following:

1) Click on the Apple logo on the upper left of your tool bar and select "System Preferences".
2) At the bottom of your screen under "Other" is the red logo with an "f" in it that is labeled "flash player". Click on it.
3) Click on the "Advanced" tab and the second set of boxes says Updates. Click on the button that says "Check Now".
4) This will send you to the authentic Adobe website and shows what version number you currently have on your computer, and what number is the *latest* adobe flash version available. If you need to update, just click on the "player download center" highlight to get the secure version of adobe flash for your computer.

All the best, from a former paranoid Windows user.

Eeyore-- living in the gloomy place (rather boggy and sad) at the Hundred Acre Wood.


----------



## R. M. Reed (Nov 11, 2009)

Is there any way to check if I have this? I did get a Flash update message the other day. I have the most current version, and it is set to check for updates automatically.


----------



## Eeyore (Jul 16, 2009)

RM Reed---

If the secure Adobe flash site and your computer both have the latest version numbers that match, then you probably had an authentic notification. The malware as far as I know just adds itself in and deletes certain critical files. It doesn't know how to update to the latest Adobe flash version number. In the future, if you get the pop-up to update, you may want to escape to desktop and then manually check the secure Adobe site to see if the update is real (or disable automatic updating.) [Just my opinion  ]

Here is a clearer explanation of what the new malware looks like, what it does and what to check for if you did accidentally download it.

http://reviews.cnet.com/8301-13727_7-20119265-263/latest-adobe-flash-trojan-for-os-x-gets-revised/

And for the Apple geeks, the official word from f-secure on the malware:

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_c.shtml

All the best.


----------

