A new Trojan horse application for the Mac is in the wild and masquerading as an installer for the Adobe Flash Player. If the bogus installer app is run, it will disable the automatic malware definition updater that helps detect malicious applications when they’re downloaded from the Internet.
The security research company F-Secure is calling the new malware app Trojan-Downloader:OSX/Flashback.C, or Flashback. Once installed, the application disables OS X’s malware definition updater, which leaves victims vulnerable to other potential malware apps since it won’t recognize newer attacks embedded in apps.
The easiest way to avoid this Trojan app is to download the Flash installer only from Adobe’s Web site. Like other Trojans, Flashback must be downloaded and installed since it can’t “push” itself out to computers.
Trojans and other malware applications are fairly easy to avoid simply by avoiding downloads from Web sites you aren’t familiar with or don’t trust. For anyone that falls victim to Flashback, however, F-Secure has instructions available for removing the Trojan.