Threat Watch

Six Malicious Flash Installer Apps Discovered and Fixed by Apple

Recent reports have revealed that Apple has fixed six malicious apps that have been passed off as Adobe Flash Installers. Surprisingly, the apps made it through Apple’s notarization process, which is supposed to be a security check performed for every app. Once these apps make it through the notarization process, Gatekeeper will whitelist the apps and allow them to run with just a simple click. The malicious Flash installers add adware to the device’s browser. Not too long after being identified, the malicious apps were de-notarized by Apple. Adobe is set to retire Flash at the end of the year, but scam efforts are likely to continue.

ANALYST NOTES

Anyone still using Flash is suggested to simply remove it from the device. With Flash being retired at the end of the year, it will not serve much of a purpose any longer. With the many security vulnerabilities that the Flash browser plug-in has suffered from over the years, has been a preferred method used by threat actors to deliver malware for quite a while. Updates to software should only be installed from trustworthy sources. Threat actors often use fake update software for many different software products in an attempt to trick people into installing their malware.

Source: https://ciso.economictimes.indiatimes.com/news/apple-fixes-6-malicious-apps-posing-as-adobe-flash-installers/78865699