Phony Adobe Flash Update Hosts Malware, Targets Apple Users

Computer maintenance is often a simple equation: avoid behavior that might land you a virus, and keep your software up-to-date. Thanks to security update pop-up reminders, the latter is usually an easy step. However, while these alerts may be helpful to you as a user, not all of them are to be trusted. Take, for example, a fake version of an Adobe Flash update that recently surfaced.

This phony pop-up appears on Apple users’ browsers, alerting them to download the latest update for Adobe Flash Player. Unfortunately, the download is a 2-for-1 deal: when users click on the update, they end up downloading malware right alongside it.

And it turns out it’s not just any old malware—it’s scareware.

Essentially, scareware is a program that will cause various pop-ups to appear on your screen, claiming your device is infected by a virus. In reality, these alerts are for phony updates in disguise. Before you know it, you’re clicking all sorts of buttons in the hopes of saving your device, but you actually end up infecting your computer with multiple viruses.

The funny thing is, while the Adobe Flash update is downloaded in a fake bundle (complete with a side of malware), it is a real update nonetheless. You see, the package was signed with a valid Apple certificate, meaning that when downloaded, it would be able to pass security checks. By piggybacking malicious code onto a file with a valid certificate, cybercriminals had found an in.

The good news? Scareware requires your permission to install. That means if you take proper precautions, you can avoid clicking on dangerous links to begin with. Attacks like this one often use social engineering, a tactic where cybercriminals manipulate users into clicking on a malicious link (think the bogus ‘You’ve Won!’ spam emails). You, as a user, have a lot more control in this situation than you think.

With that in mind, here are a few tips to keep yourself protected:

  • Be wary of where your downloads come from. Always visit a software developer’s site directly for updates. In this scenario, that would mean downloading the Flash Player update directly from the official Adobe website, rather than a mysterious third party.
  • Think before you click. There are any number of notifications that could appear on your screen, telling you your computer has a critical security issue. Are they all true? Make sure to do some research before reacting to a suspicious pop-up. Chances are, if there’s actually a problem with your device, the solution will still be available after you’ve looked into it—so pass on the impulsive clicking.
  • Use a comprehensive security solution. Protecting all your devices with a comprehensive security solution, like McAfee LiveSafe, can keep you from harm’s way online, and shield you from malware and other cyberattacks.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @IntelSec_Home on Twitter, and Like us on Facebook.

gary

One comment on “Phony Adobe Flash Update Hosts Malware, Targets Apple Users

  • I hope this isn't something we Linux users have to worry about?…After all some of us don't even USE Adobe Flash…instead we have open source alternatives to cover it. And most of the Linux using populace uses it more for devops, programming and the like. So sitting around watching funny videos or flashy web pages isn't high on the tech list. I wonder if people who use Apple machines are strictly doing it because of the mythical "Coolness Factor"? or if they actually have a legitimate reason for shelling out that much money for the devices that are quite limited by design.?….Hmm….guess I'll never know…

    Reply

Leave a Comment

four × 5 =