Don’t think just because you have a Mac that you’re safe from malware, viruses or whatever other rogue applications are roaming around searching for trouble.
The latest variant of the Flashback Trojan discovered just last month, dubbed OSX/Flashback.C, has been found to have the ability of keeping OS X’s built-in anti-malware software, XProtect from receiving automatic updates.
According to the report by FSecure, OSX/Flashback.C decrypts paths within XProtectUpdater in order to decrypt the XProtectUpdater binary and unload the XProtectUpdater daemon. Once that’s said and done, OSX/Flashback.C moves to overwriting certain files that XProtect relies on for updates. This prevents XProtect from automatically receiving future definition updates from Apple and puts your system at the mercy of future malware programs.
Although XProtect isn’t a full-blown anti-malware application, it does provide limited protection against a small list of Trojans. Still, it's always recommended that Mac users run a complete anti-virus solution on their computer to make sure they have the best protection possible.
Disabling anti-malware applications is really nothing new, as it’s a common trick performed by malware that targets Windows PCs. By disabling whatever anti-malware protection that a computer has, the malicious program will be able to do its dirty work without interruption prior to being discovered by the end-user.
The OSX/Flashback Trojan has been found to make its way onto the Macs of unsuspecting users by posing as an update for Adobe Flash. So if you must update Adobe Flash, please go directly to adobe.com and download it there!
Clearly malware authors are taking more interest in targeting Mac users, so if you’re not running proper anti-virus protection on your fruit-flavored computer, its time you looked into getting some.
I personally run ESET NOD32 for Mac on my Macbook Pro, but Sophos Security offers a free anti-virus solution for Macs as well.
Stay safe!
Photo Credit: my-blackberry.net
Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest security threats.
No comments:
Post a Comment