Phony Adobe Flash Update Hosts Malware, Targets Apple Users

By on Feb 10, 2016

Computer maintenance is often a simple equation: avoid behavior that might land you a virus, and keep your software up-to-date. Thanks to security update pop-up reminders, the latter is usually an easy step. However, while these alerts may be helpful to you as a user, not all of them are to be trusted. Take, for example, a fake version of an Adobe Flash update that recently surfaced.

This phony pop-up appears on Apple users’ browsers, alerting them to download the latest update for Adobe Flash Player. Unfortunately, the download is a 2-for-1 deal: when users click on the update, they end up downloading malware right alongside it.

And it turns out it’s not just any old malware—it’s scareware.

Essentially, scareware is a program that will cause various pop-ups to appear on your screen, claiming your device is infected by a virus. In reality, these alerts are for phony updates in disguise. Before you know it, you’re clicking all sorts of buttons in the hopes of saving your device, but you actually end up infecting your computer with multiple viruses.

The funny thing is, while the Adobe Flash update is downloaded in a fake bundle (complete with a side of malware), it is a real update nonetheless. You see, the package was signed with a valid Apple certificate, meaning that when downloaded, it would be able to pass security checks. By piggybacking malicious code onto a file with a valid certificate, cybercriminals had found an in.

The good news? Scareware requires your permission to install. That means if you take proper precautions, you can avoid clicking on dangerous links to begin with. Attacks like this one often use social engineering, a tactic where cybercriminals manipulate users into clicking on a malicious link (think the bogus ‘You’ve Won!’ spam emails). You, as a user, have a lot more control in this situation than you think.

With that in mind, here are a few tips to keep yourself protected:

  • Be wary of where your downloads come from. Always visit a software developer’s site directly for updates. In this scenario, that would mean downloading the Flash Player update directly from the official Adobe website, rather than a mysterious third party.
  • Think before you click. There are any number of notifications that could appear on your screen, telling you your computer has a critical security issue. Are they all true? Make sure to do some research before reacting to a suspicious pop-up. Chances are, if there’s actually a problem with your device, the solution will still be available after you’ve looked into it—so pass on the impulsive clicking.
  • Use a comprehensive security solution. Protecting all your devices with a comprehensive security solution, like McAfee LiveSafe, can keep you from harm’s way online, and shield you from malware and other cyberattacks.



About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

  1. I hope this isn't something we Linux users have to worry about?…After all some of us don't even USE Adobe Flash…instead we have open source alternatives to cover it. And most of the Linux using populace uses it more for devops, programming and the like. So sitting around watching funny videos or flashy web pages isn't high on the tech list. I wonder if people who use Apple machines are strictly doing it because of the mythical "Coolness Factor"? or if they actually have a legitimate reason for shelling out that much money for the devices that are quite limited by design.?….Hmm….guess I'll never know…

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs