Windows worm Mac computer adobe flash,adobe flash malware

“Snake” (also known as Turla or Uroboros), a long time to Windows users for the target malicious software “Snake” (also known as Turla or Uroboros), has its tentacles to the Mac users and disguised as an Adobe Flash installer program so that users deceived.

According to the secure Web site, Malwarebytes reported that the updated code allows the worm Snake to disguise as an Adobe Flash installer program and package it in a ZIP archive called “Install Adobe Flash Player.app.zip”. When you run the zip file, the installer’s signature will be changed to “Addy Symonds” instead of Adobe. The Gatekeeper’s security technology introduced by Mac computers ensures that users install applications with developer signatures and prevent some external malware. Apple has revoked this camouflage certificate.

If the system Gatekeeper is set up to allow unsigned App installation, the victim will be asked to enter the administrator password as if it were a real Adobe Flash installer, and the worm’s software design was similar to the real Flash installer.

After the user installs the malware, the attacker will be able to open the system backdoor, spy on user passwords, and unencrypted files.

Mac devices are less likely to be infected, but not just because of the presence of Gatekeeper, but because the virus file is only available when it is intentionally downloaded and running, such as when it is delivered as an e-mail attachment.

Just last week, another was called “Dok”, and the developer signed the malware began to spread on the Mac. The malicious code is spread by e-mail and is hidden in the fake OS X update. After the user moves, Dok Malware gets the administrative privileges of the computer and installs a new root certificate, and then completely intercepts all the network traffic of the victim, including SSL encrypted traffic.

The post Windows worm first appeared on a Mac computer: disguised as Adobe Flash software appeared first on Penetration Testing in Linux. http://ift.tt/2pjIOXT http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s