Mac Trojan Horse poses as Adobe Flash Installer

The latest attempt from digital wrongdoers to infect your Mac has been spotted taking on the look and feel of Adobe's Flash Installer.

The latest attempt from digital wrongdoers to infect your Mac has been spotted taking on the look and feel of Adobe's Flash Installer.

Despite your feelings on whether you like Flash on your Mac, this Trojan poses a fairly serious threat to those unsuspecting users who may think they are simply updating Flash Player.

F-Secure has named the Trojan Bash/QHost.WB and have provided some insight as to how it works.

Once installed, the Trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 91.224.160.26, which is located in Netherlands. The server at the IP address displays a fake Web page designed to appear similar to the legitimate Google site.

Cult of Mac

The Trojan is currently dormant, meaning that while it will take you to the fake Google site, nothing will happen. It is, however, programed to serve pop-up ads once the user has accessed the false IP.

The solution? Only install Adobe updates from Adobe's official Web site. As with any Trojan designed for Mac, the malware only works if the user allows it. Most of the threats currently in the wild can be avoided by simply sticking to paid versions of software obtained directly from trusted creators of the product.

Do you have a Mac security story? Let me know in the comments!

About the author

    Joe is a seasoned Mac veteran with years of experience on the platform. He reports on Macs, iPods, iPhones and anything else Apple sells. He even has worked in Apple retail stores. He's also a creative professional who knows how to use a Mac to get the job done.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    15 crazy old phones from a Korean museum (pictures)
    10 gloriously geeky highlights from 2014 (pictures)
    2015.5 Volvo XC60: updated tech, understated design
    Busted! CNET readers show us their broken devices (pictures)
    Take a closer look at the BlackBerry Classic (pictures)