If you are a Mac user, here's how to avoid the most common kind of malware

Originally published at: https://boingboing.net/2020/01/25/if-you-are-a-mac-user-heres.html

5 Likes

Just think what it takes to be that kind of human that creates this shit, sad little person with little or nothing going in life.

2 Likes

You have to enter the admin password to install this too. I guess people are willing to enter their admin password to install a fake Flash installer. Low-hanging fruit for the criminals.

2 Likes

I can’t decide if I hate Flash more than I hate Java.

1 Like

Thanks, this was helpful. I’m running an old version of OS X because I don’t want to lose certain apps by updating, but I don’t know much about computers & I don’t have tech support, & I worry. I read the linked Lifehacker, Ars Tecnica, & “AnySearch removal” articles & updated my browsers. It’s also good to know that I’d have to enter a password to install the virus. One thing that would help: when a Flash update window pops up, how can I get rid of it without at least clicking “Remind Me Later”? There’s no close button.

2 Likes

“That kind of human” is, these days, generally someone who is monetizing their exploits. In other words, your assessment is both incorrect and correct ^^’.

Yes, well, just about half the people you meet have IQs under 100 (98 in the US). 'Nuff said.

2 Likes

It’s worth mentioning that these attacks apparently use a somewhat clever little trick to enhance the social engineering. One that OSX really ought to do something about(it’s what the late and unlamented Windows Vista introduced UAC for; in ye olde year of AD 2006).

From Arstechnica’s article(well worth a read):


The install attempt draws a window on top of the permission window so that it isn’t immediately apparent what you are actually agreeing to.(the left screenshot is what the user sees; the right is the actually-important stuff hidden behind the translucent window that they really ought to see)

7 Likes

maybe force-quitting the finder might be worth a shot.

2 Likes

The game “Pandemic II” seems to be flash only, does anyone know an HTMLV or JS version? I want to make “Wuhan Fever” take over the world :wink:

(or at least Madagascar)

My plan is working.

3 Likes

Comcast, the 3rd largest US cable provider, still uses Flash for streaming on pc.

1 Like

Hey, at least Java has an excuse to exist on the server-side of things. Desktop JVM? :woozy_face::nauseated_face::face_vomiting:

2 Likes

And could well be working for a state actor…

This alone and the corollary Dunning-Kruger Effect, well, it really explains just about everything, doesn’t it…

3 Likes

Flash is rare? It’s more than half the online games I play. It’s in videos on popular news and blog sites.
I WISH it was rare.

2 Likes

Ugh, viruses and malware are totally out of control these days.

Fortunately, I use a Mac, so I don’t have to worry about that.

<runs away>

5 Likes

Yeah, it’s hanging on with a vengeance for supposedly “dead” software.

There were some good things about Java as a language. From the point of view of a systems/network administrator, though, it makes me want to pull my hair out.

One of my most frustrating experiences recently was trying to get a Java remote console app working on a server (so I could see what was wrong it). The Java app wouldn’t run with newer browsers, and I couldn’t upgrade the Java software because the Flash management software wouldn’t run properly.

1 Like

Java BMC and network KVM consoles are the devil’s work.

2 Likes

Most of the malware I hsve to fix has been distributed by Ad networks. Sites complain about using ad blockers, but until the ad networks are cleaned up, the risk is too high.

4 Likes

The best advice I’ve ever gotten about upgrade popups is to ignore them 100% of the time, even if they’re legit.

If it’s a scam, you just saved yourself a headache. But if they are legit, you can go to the website for the software & upgrade directly anyway.

2 Likes