Ramblings of this guy you know!

Tech Stuff and random observations on life as I see it….

Beware of false Flash Player Installers – a new Mac Trojan rises

At the recent Blackhat conference, the Mac world was warned that APT’s (Advanced Persistent Threats) were going to become more commonplace. This new Mac Trojan is making the rounds disguised as the installer for Flash Player!

If you are asked to update your version of Flash, be careful about where you are downloading the installer from. In fact if you are at all unsure, you might be best downloading directly from Adobe themselves. Otherwise you might be at risk. The new trojan is has been named Bash/QHost.WB by F-Secure and once it infects your Mac, it will edit the computers hosts file to redirect any visit to one of Google’s sites to an IP address in the Netherlands. The result is that every time you try to visit a Google site you are redirected to a fraudulent site that looks exactly the same.

Here’s what the redirected site looks like in a browser:

The trojan is set up to continually display annoying pop-up ads once it the page has been visited, it seems to be currently dormant however.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: