![]() The fact that the scareware installer was signed with an Apple developer certificate is important, because it allows the malware to bypass a key defence that is built into modern versions of OS X. Johannes Ullrich of the SANS Institute’s Internet Storm Center first reported on the threat, noting that the scareware’s installer was digitally signed with a valid Apple developer certificate, issued to one Maksim Noskov. Instead, social engineering is being used to trick the unsuspecting user into unwittingly downloading and running a bogus version of Adobe Flash - designed to infect their computer with scareware. The beauty of this approach, from the criminals’ point of view, is that the attack doesn’t rely upon any software vulnerability or exploit. The first sign you will see that criminals are interested in infecting your Mac OS X computer is if you see a pop-up like this appear while you are browsing the web:įollowing the phoney alert’s advice to download an Adobe Flash update from a site you have never heard of is, of course, unwise. That’s precisely what criminals are doing now, in their attempts to infect Apple Mac users with scareware. ![]() ![]() ![]() So, what better way to trick someone into having their computer infected than by disguising it as an actual Adobe Flash update? Even if you don’t run Flash on your computer, you’ve surely seen the many headlines in the tech media over the years of the importance of keeping Adobe Flash (and its Acrobat PDF Reader stablemate) updated to protect against malicious attack. Malware + Recommended + Security News Fake Flash Player Update Infects Macs with Scareware Īnyone who has been using computers for any length of time should (hopefully) be aware of the endless ritual of updating Adobe Flash against security vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |