Commonly referred to as ‘Snake’, ‘Turla’ or sometimes ‘Uroboros’, the long targeting Windows malware is now reportedly targeting the Mac users disguised as an Adobe Flash Player installer, security website Malwarebytes is reporting (via AppleInsider). Wrapped inside a ZIP file labeled “Install Adobe Flash Player.app.zip”, the malware tries to trick macOS’s Gatekeeper feature, although Apple has already revoked the bad certificate.
According to the source, if Gatekeeper is set to allow unsigned apps, victims should then be asked to enter their administrator password, as with Adobe’s real Flash installer. The look of the installer also mimics the real software, and in fact a working version of Flash is ready at the end. People who fall prey open up a backdoor to their system which can expose passwords and unencrypted files.
A giveaway to its origins is that when run, the installer is signed by an “Addy Symonds” instead of Adobe. Similar malware typically runs a completely fake Flash installation, or has to launch the legitimate one second.
Infection is unlikely not just because of Gatekeeper, but because the file must be intentionally downloaded and run, for instance when delivered as an email attachment.
For more information, hit up this link.