This can’t be good. Security types have spotted a scam that targets Apple users that features malicious code signed with a legitimate Apple developer certificate. The code in question poses as a Flash update that is offered to you via a browser pop up. Now a real copy of Flash is downloaded so that you don’t suspect anything. But at the same time an application is downloaded that starts to generate fake prompts that something is wrong with your Mac and that you need to by software that does nothing of any value to fix it.
The developer certificate (assigned to a Maksim Noskov) has yet to be revoked by Apple, according to an alert by Johannes Ullrich of the SANS Institute’s Internet Storm Center. The question is, why hasn’t Apple revoked it as that would mitigate this attack? Clearly it seems that Apple is once again asleep at the switch when it comes to protecting it’s users.
In any case, the usual advice advice applies. don’t download software from untrusted sources, and never take “help” from websites. Ever. Having up to date anti-virus software is a must as well. Finally, since this seems to be tied to Adobe Flash, you should consider dumping Flash as your computer will thank you.
Related
This entry was posted on February 8, 2016 at 1:21 pm and is filed under Commentary with tags Macintosh, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Fake Flash Update Targets Unsuspecting Mac Users
This can’t be good. Security types have spotted a scam that targets Apple users that features malicious code signed with a legitimate Apple developer certificate. The code in question poses as a Flash update that is offered to you via a browser pop up. Now a real copy of Flash is downloaded so that you don’t suspect anything. But at the same time an application is downloaded that starts to generate fake prompts that something is wrong with your Mac and that you need to by software that does nothing of any value to fix it.
The developer certificate (assigned to a Maksim Noskov) has yet to be revoked by Apple, according to an alert by Johannes Ullrich of the SANS Institute’s Internet Storm Center. The question is, why hasn’t Apple revoked it as that would mitigate this attack? Clearly it seems that Apple is once again asleep at the switch when it comes to protecting it’s users.
In any case, the usual advice advice applies. don’t download software from untrusted sources, and never take “help” from websites. Ever. Having up to date anti-virus software is a must as well. Finally, since this seems to be tied to Adobe Flash, you should consider dumping Flash as your computer will thank you.
Share this:
Like this:
Related
This entry was posted on February 8, 2016 at 1:21 pm and is filed under Commentary with tags Macintosh, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.