Windows Malware Ported to macOS Passes for Adobe Flash Player

We’re all well aware of how much of a security nightmare Adobe Flash Player has become. And the fact that there is a nasty piece of malware out there imitating it to a T has both Windows and macOS users pretty confused about the whole thing. Yes, the infamous Snake malware that has been plaguing Windows devices for almost ten years now has managed to creep its way into Apple’s operating system as well. Ugh!

The most dangerous thing about this particular piece of malware is that it looks perfectly legit upon initial inspection. As a result, many users agree to install it, thinking that it’s the real deal. But it’s not, so be careful! Once you look into the folder more closely, you will notice it looks nothing like the real thing. On top of that, the actual license of the product is attributed to some fictional developer instead of Adobe.

The Problem

While it’s not that hard to check and see if the .exe you’re being prompted to install is a valid one, many of us don’t ever bother to do that. That’s the problem here. The program looks just passable enough at first glance to fool a lot of people.

How to Check if You Have Been Infected

If you already suspect you’re infected, then it’s good to know which files the program installs, and to check for them manually. Here they are:

  • /var/tmp/.ur-*
  • /tmp/.gdm-selinux
  • /tmp/.gdm-socket
  • /Library/LaunchDaemons/com.adobe.update.plist
  • /Library/Scripts/installdp
  • /Library/Scripts/
  • /Library/Scripts/queue
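
One way to run the manual check described above, as an added shell example that is not part of the original article: it tests each listed path and expands the `.ur-*` wildcard. The function names and the optional root argument (for checking a mounted backup or disk image) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: look for the file paths listed in this article.
# The optional root prefix is an assumption of this sketch; it lets the same
# check run against a mounted backup or disk image instead of the live system.

# Paths from the list above. The duplicate entry is dropped, and the bare
# "/Library/Scripts/" entry is skipped because it names a folder, not a file.
SNAKE_PATHS='/var/tmp/.ur-*
/tmp/.gdm-selinux
/tmp/.gdm-socket
/Library/LaunchDaemons/com.adobe.update.plist
/Library/Scripts/installdp
/Library/Scripts/queue'

# Print each listed path that exists under the given root (default: /).
find_snake_artifacts() {
    snake_root="${1:-}"
    while IFS= read -r snake_pattern; do
        # $snake_pattern is left unquoted so the .ur-* wildcard expands;
        # the root stays quoted so a volume name with spaces survives.
        for snake_match in "$snake_root"$snake_pattern; do
            # -e covers files, folders and sockets; -L catches broken symlinks.
            if [ -e "$snake_match" ] || [ -L "$snake_match" ]; then
                printf '%s\n' "$snake_match"
            fi
        done
    done <<EOF
$SNAKE_PATHS
EOF
}

# Summarise the result; returns 1 when at least one listed path is present.
snake_report() {
    snake_hits=$(find_snake_artifacts "${1:-}")
    if [ -z "$snake_hits" ]; then
        echo "None of the listed paths are present."
        return 0
    fi
    echo "Listed paths present:"
    printf '%s\n' "$snake_hits" | sed 's/^/  /'
    return 1
}

# Run with no argument for this Mac, or pass a mount point such as /Volumes/Backup.
snake_report "${1:-}" || echo "Change your passwords and ask an IT specialist for help."
```

Save it to a file and run it with `sh`, using `sudo` if the folders are not readable by your account.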

If your manual check reveals that you’ve been infected, change all your passwords immediately. After this, ask for the help of an IT specialist, because the issue is a bit too serious to fix at home if you’re not well trained in the area. Good luck, and always stay safe on the Internet!
