Distributed with
The pop-up, as discovered by the researchers (URL removed).


Fake Flash Player update prompt infects Mac users with scareware

Researchers have discovered a fake warning prompting Mac users to update Adobe Flash Player that actually installs scareware on their systems.

The pop-up, as discovered by the researchers (URL removed).

The pop-up message, as discovered by the researchers (URL removed).

If users follow the advice in the pop-up, which appears on certain websites, they are tricked into installing malware that bypasses OS X’s Gatekeeper feature with a valid developer certificate.

The scareware, first discovered by the SANS Institute’s Internet Storm Center, is delivered alongside a genuine version of Adobe Flash Player in an attempt to trick users into thinking the update was a genuine download from Adobe.

When run, the malware warns users of fake security threats, redirects them to potentially dangerous websites or installs malicious browser extensions.

The SANS Institute said it asked for money after identifying the “system problems”.

Although the researchers were not able to say for sure what caused the pop-up message to appear in the first place, they suspect it was triggered by malicious advertising.

Fake Flash Player updates are a common port of call for cyber criminals trying to trick users into downloading malicious software, so hopefully most users will not be fooled.

As always, users are advised to download Flash Player updates only from Adobe’s website.

TEISS banner