A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.
These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.
The Snake malware, and the variants derived from it, have been around for nearly a decade now. Malwarebytes reports that Snake has been infecting Windows systems as far back as 2008, and a Linux variant was discovered in 2014. Fox-IT describes it as a “relatively complex malware framework”, citing a research paper from the Swiss government’s Computer Emergency Response Team.
Fox-IT makes it clear that attacks involving Snake are highly targeted.
Researchers who have previously analyzed compromises where Snake was used have attributed the attacks to Russia. Compared to other prolific attackers with alleged ties to Russia… Snake’s code is significantly more sophisticated, its infrastructure more complex and targets more carefully selected.
Today’s macOS variant isn’t one you’ll randomly receive, but the manner in which it hides itself is important.
Snake’s Adobe Flash malware
On macOS, Snake is distributed through a .zip file titled Adobe Flash Player.app.zip. This file contains a legitimate, but backdoored, version of Adobe’s Flash Player. The application contained within the .zip file initially appears legitimate because of its valid signed certificate issued through Apple. Upon closer inspection, the signature comes from a developer named Addy Symonds, and not the expected Adobe. Even the application’s bundle structure looks odd when compared to a normal one.
Most users wouldn’t think to check an application’s bundle before installing the app.
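One way to surface a mismatched signer before opening a downloaded app is to read the leaf `Authority=` line that `codesign -dv --verbose=4` prints and compare it with the signer you expect. This is an added example, not code from Fox-IT or Malwarebytes; the function names are hypothetical and the sample output and team ID are constructed placeholders.

```shell
#!/bin/sh
# Added example: compare an app's leaf code-signing authority with the
# signer you expect. Feed it real codesign output on a Mac:
#   codesign -dv --verbose=4 "Adobe Flash Player.app" 2>&1 | signer_matches "<expected>"

# Print the leaf signer: the first Authority= line in codesign output on stdin.
leaf_authority() {
    sed -n 's/^Authority=//p' | head -n 1
}

# signer_matches EXPECTED
# Succeeds only when the leaf signer equals EXPECTED exactly. An exact match
# avoids accepting a look-alike name that merely starts with the vendor name.
signer_matches() {
    expected="$1"
    signer=$(leaf_authority)
    if [ -n "$signer" ] && [ "$signer" = "$expected" ]; then
        return 0
    fi
    printf 'unexpected signer: %s\n' "${signer:-none (unsigned or no Authority line)}" >&2
    return 1
}

# Constructed sample of codesign output for the backdoored bundle described
# above. The developer name is from the article; TEAMID0000 is a placeholder.
sample_codesign_output() {
    cat <<'EOF'
Executable=/Users/example/Downloads/Adobe Flash Player.app/Contents/MacOS/Install
Format=app bundle with Mach-O thin (x86_64)
Authority=Developer ID Application: Addy Symonds (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=TEAMID0000
EOF
}
```

A valid chain up to Apple Root CA only proves that some registered developer signed the bundle, which is why the leaf line is the one to compare.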
If a user had proceeded with the installation regardless, handily enough the malware would install a legitimate copy of Adobe Flash Player on the system. During this install, it would also add the backdoor malicious files to the macOS system folders and keep them persistent. By using Apple’s LaunchDaemon service, it could ensure that the backdoor would quickly relaunch if ever closed.
How to check if you’re infected with Snake’s backdoor malware
The Snake malware version currently out in the wild contains debug code and its certificate was signed in February of this year. This leads Fox-IT to believe it may not have even been operational yet, but would soon be used on targets.
Luckily, if anyone does have the Adobe Flash Player.app.zip file on their system, macOS’ Gatekeeper will no longer show the developer certificate as valid. Apple has revoked that developer’s certificate to help subdue further damage.
To easily check if a system has been infected by the Snake backdoor malware, run a scan with Malwarebytes for Mac. The free software will detect Snake as OSX.Snake and remove it.
If you’d like to manually check for infection, the backdoor malware installs the following components:
- /Library/Scripts/queue
- /Library/Scripts/installdp
- /Library/Scripts/installd.sh
- /Library/LaunchDaemons/com.adobe.update.plist
- /var/tmp/.ur-*
- /tmp/.gdm-socket
- /tmp/.gdm-selinux
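The manual check above can be scripted. The following is an added example, not a tool from Malwarebytes or Fox-IT: a hypothetical `snake_ioc_scan` function that tests for each listed path, optionally under a different root such as a mounted backup volume.

```shell
#!/bin/sh
# Added example: look for the Snake components listed above.
# Usage: snake_ioc_scan            (live system, run with sudo for full access)
#        snake_ioc_scan /Volumes/Backup
# Exit status: 0 = nothing found, 1 = at least one indicator present.

snake_ioc_scan() {
    root="${1:-/}"
    root="${root%/}"      # "/" becomes "", "/Volumes/x/" becomes "/Volumes/x"
    found=0

    # Fixed paths from the list above.
    for p in \
        /Library/Scripts/queue \
        /Library/Scripts/installdp \
        /Library/Scripts/installd.sh \
        /Library/LaunchDaemons/com.adobe.update.plist \
        /tmp/.gdm-socket \
        /tmp/.gdm-selinux
    do
        # -e is false for a dangling symlink, so test -L as well.
        if [ -e "$root$p" ] || [ -L "$root$p" ]; then
            printf 'FOUND %s\n' "$root$p"
            found=$((found + 1))
        fi
    done

    # /var/tmp/.ur-* is a wildcard. An unmatched glob stays literal in sh,
    # so each result is re-tested before it is counted.
    for p in "$root"/var/tmp/.ur-*; do
        if [ -e "$p" ] || [ -L "$p" ]; then
            printf 'FOUND %s\n' "$p"
            found=$((found + 1))
        fi
    done

    printf '%s indicator(s) found under %s\n' "$found" "${root:-/}"
    [ "$found" -eq 0 ]
}
```

A clean result only covers the file names in this list; a variant that uses different paths would not be reported.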
Malwarebytes recommends changing passwords and contacting your business IT department if you were infected. The former is to secure yourself and online accounts, and the latter to mitigate any potential company damage.
Attacks like these are easily spread through spear phishing emails, so be vigilant in your online behaviors.
Images Credit: Malwarebytes
Adobe Flash Player might be the best player of online content out there, but obviously it’s not the only one, as there are some great alternatives that you can use. It’s a very good idea to check out the Adobe Flash Player alternatives as they will come in handy and in the end that’s the most important thing for sure.
Lightspark
This software is indeed one of the best Adobe Flash Player alternatives out there because it’s an open source flash player, and it also comes in the form of a browser plugin so you can easily check out all the content that was previously available with Adobe’s app. This is a very good application that comes with complete support for all the Flash Player formats, including AVM2 and even virtual machine. The downside for Lightspark is that it runs only on Linux, but it might be coming to other platforms soon, so you should totally keep an eye on it as it’s very good.
Unity Web Player
Suitable for both Mac and Windows, this is a very powerful software. It doesn’t pose any restrictions whatsoever when it comes to using web content, but instead it makes the experience very easy and truly cool for you, that’s a given. No restrictions, and no issues with browser versions are some of the best features, but at the same time Adobe Flash Player does a great job when it comes to playing online games and HD video streaming. If you are a Unity user, then you will also get the power to test the games that you created with the help of some astounding graphics.
GNU Gnash
A free alternative created by GNU, Gnash allows you to perform video streaming and access rich internet media files. It has quite a lot of cool features, which is a major plus, and on top of that Gnash can be used on multiple platforms like Windows, Linux and BSD, not to mention that it provides multiple attributes.
Silverlight
Silverlight is created by Microsoft and it’s one of the tools that managed to give a hard time to the Adobe Flash Player. As you would expect, it’s based on the .NET framework and it has compatibility with a wide range of browsers, mobile devices and many operating systems as well. You can also use the latest versions in order to design responsive web as well as mobile apps.
These are all great alternatives if you are looking for a great web player and one that offers immense value. The app brings you an extraordinary quality, stunning results and professional outcome, so all you have to do is to access them and give a try, especially if you want to get rid of the security holes that can be encountered in Adobe Flash Player nowadays.