Saturday, April 07, 2012

The Hoopla around the "Widespread" Mac Trojan

So a "new" (no it's not new) Mac Flashback Trojan is the talk of the town in tech media circles right now. 600K may be infected, which tells me that there are approximately 600K Mac owners out there who need some BASIC instruction on avoiding malware (the same folks who've infected their PCs for years because they're clueless).

For what it's worth, I ran the terminal commands to check my machine and…as I believed…it's clean. The reason is that I don't install software on my machine from just anywhere. If I want to install Flash, I go to Adobe's site myself. I NEVER rely on another's hyperlink (heck, I even know how to check the hyperlink…just hover your cursor over it for a second). You wouldn't do this to go to your bank account from an email, would you? Then why do it anywhere else for ANY reason?

Social engineering is the tool these malicious developers use most often, so do yourself a favor: learn how to avoid being duped in the first place.

The malware in question is a trojan horse called Flashback (OSX/flashback.A); users may end up acquiring it by clicking a link on a malicious website to download or install Flash player. If those users also have their Safari settings set to automatically open safe files (which .pkg and .mpkg files are considered to be), an installer will show up on their desktops as if they are legitimately installing Flash.

[From Mac trojan pretends to be Flash Player Installer to get in the door]