Watch out for this guys!

Discussion in 'macOS' started by tug, Oct 5, 2011.

  1. Hansr macrumors 6502a

    Joined:
    Apr 1, 2007
    #2
    How.... why would you accept a download of flash player from any other source than going manually to adobe or using the build in updater?
     
  2. tug thread starter macrumors 6502

    Joined:
    Feb 3, 2010
    Location:
    loughborough. u.k.
    #3
    hi hansr,
    yeah, just browsin, and it just appeared for no apparent reason!
    i went to cancel the thing and it just d/l by itself.:eek:
    so quick as a flash trashed the package and emptied the bin.

    just thought id let y'all know whats on the rounds is all. :)
     
  3. AlanShutko macrumors 6502a

    Joined:
    Jun 2, 2008
    #4
    Actually, you don't have to. I just saw this one myself, triggered somehow off a Voilà survey. What happens is that via javascript it takes you to a new page, and pushes a download to you. It also displays all those screens to make you think you need to run a Flash install. From the redirects, it was from some domain in adobeflashplayer.*.cc or something. I'm not sure where to find logs to track it down directly.

    On my machine, the .pkg appeared in my download directory and was not automatically started. Since it was suspicious, I did some googling and found that yes, it's malware.
     
  4. McGiord macrumors 601

    McGiord

    Joined:
    Oct 5, 2003
    Location:
    Dark Castle
    #5
    How you check if your Mac is infected? And you repair it?
     
  5. Hansr macrumors 6502a

    Joined:
    Apr 1, 2007
    #6
    Google says check for /Users/YOU/Library/Preferences/Preferences.dylib

    To avoid it:
    - For one maybe don't browse dodgy web sites.
    - Disable Safari's "Open Safe Files".
    - Add these to your host file: http://someonewhocares.org/hosts/
    - Install AdBlock(er)
    - And obviously never install anything you didn't explicitly download and know is from a verified source.
     
  6. McGiord macrumors 601

    McGiord

    Joined:
    Oct 5, 2003
    Location:
    Dark Castle
    #7
    I am using Lion and my user folder structure doesn't show the Libraries folder.

    Has Apple released an update for this?
     
  7. r0k macrumors 68040

    r0k

    Joined:
    Mar 3, 2008
    Location:
    Detroit
    #8
    Yes. Oops. Perhaps not. That article I linked was about was different malware. Just avoid downloading flash from anybody but adobe.com.
     
  8. McGiord macrumors 601

    McGiord

    Joined:
    Oct 5, 2003
    Location:
    Dark Castle
    #9
    I tried to get the virus barrier trial, and it didn't work to update, maybe I need to adjust some ports.
    Anyway, using other free antivirus scanned the Mac and it foun some Windows Trojan, cleaned it and I am starting to think it is a good idea to use an antivirus from time to time to clean any windows threats as I share emails with many many windows users.
     
  9. r0k macrumors 68040

    r0k

    Joined:
    Mar 3, 2008
    Location:
    Detroit
    #10
    Those windows threats aren't spread by anything running on your Mac. They are spread if you forward emails containing windows threats that were already there. I don't bother with antivirus but I admit that avoiding the spread of windows threats is about the only good reason to consider AV on OS X. Just avoid the OS X software sold by the big windows AV names (McAffee or Symantec). They are a huge waste of money and system resources on any platform.
     

Share This Page