macOS was recently targeted by malware disguised as an Adobe Flash Install Wizard. If you want to stay safe on your Mac and find out whether it is infected, here are two ways to detect it.
The new malware relies on a trusted developer certificate, which is why Gatekeeper does not block it. However, Fox-IT reported that Apple has revoked the certificate because of the attack, so the malware will no longer be able to infect more devices.
Fortunately, if you have the Adobe Flash Player.app.zip file on your macOS system, Gatekeeper will no longer treat the developer certificate as valid. Apple revoked the developer's certificate to help limit further damage.
How to check whether your computer is infected with this malware
You can check whether your macOS system has already been infected by using the two methods below:
Run Malwarebytes on your system. This free program will automatically scan for and detect malware on your computer.
If you want to check for this attack manually, look for the following components, which the malware installs:
- /Library/Scripts/queue
- /Library/Scripts/installdp
- /Library/Scripts/installd.sh
- /Library/LaunchDaemons/com.adobe.update.plist
- /var/tmp/.ur-*
- /tmp/.gdm-socket
- /tmp/.gdm-selinux
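One way to script the manual check above, as an added example that is not from Malwarebytes or Fox-IT. The function names, the `--scan` switch and the optional ROOT argument (for checking a mounted backup or disk image instead of the running system) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: checks for the file-system artifacts listed above.
# Function names and the optional ROOT argument are assumptions of this sketch.

# Artifact paths from the list above; the .ur-* entry is a shell glob.
ioc_patterns() {
    cat <<'EOF'
/Library/Scripts/queue
/Library/Scripts/installdp
/Library/Scripts/installd.sh
/Library/LaunchDaemons/com.adobe.update.plist
/var/tmp/.ur-*
/tmp/.gdm-socket
/tmp/.gdm-selinux
EOF
}

# find_iocs [ROOT]: print every artifact present under ROOT (default: the
# running system). Returns 0 when nothing is found, 1 when something exists.
find_iocs() {
    root=${1:-}
    root=${root%/}
    found=0
    while IFS= read -r pattern; do
        # $pattern is left unquoted on purpose so the glob expands.
        for path in "$root"$pattern; do
            # -L also catches dangling symlinks, which -e reports as missing.
            if [ -e "$path" ] || [ -L "$path" ]; then
                printf '%s\n' "$path"
                found=$((found + 1))
            fi
        done
    done <<EOF
$(ioc_patterns)
EOF
    [ "$found" -eq 0 ]
}

# Run as: sh check.sh --scan [ROOT]
if [ "${1:-}" = "--scan" ]; then
    if find_iocs "${2:-}"; then
        echo "No listed artifacts found."
    else
        echo "Listed artifacts found: treat this Mac as infected." >&2
        exit 1
    fi
fi
```

A clean result only means these specific paths are absent; it does not replace a full scan.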
Malwarebytes recommends that you change your passwords and contact your IT department directly if you are infected with this malware. The first step secures you and your online accounts. The second helps mitigate any potential damage.
It's worth noting that these attacks spread easily through phishing emails, so be careful about your online behavior.