“Mac users are once again being urged to exercise caution when installing updates to Adobe Flash Player, after a fake update was discovered infecting computers,” Graham Cluley reports for Intego. “Intego security experts have identified the rogue package installer as a variant of OSX/InstallCore, and have updated Intego VirusBarrier definitions to provide protection.”
“The in-the-wild attack has been spread in the form of a Mac Package installer .pkg file, also known a flat package, and has been signed with a legitimate Developer ID certificate — effectively tricking OS X’s built-in Gatekeeper security to believe that the files can be trusted and are not malicious,” Cluley reports. “As a result, victims may find that their OS X computers have had a number of potentially unwanted programs (PUPs) installed on their systems. Intego researchers report that third-party apps they have seen being installed by the fake Adobe Flash update include MegaBackup, ZipCloud, and MacKeeper.”
Read more in the full article here.
MacDailyNews Take: Just to be safe, we only update Flash – on the few Macs that still have Flash installed – directly via Adobe’s website: http://www.adobe.com/support/flash/downloads.html. We recommend you do the same.