Windows 'Snake' Malware Ported to Mac, Imitates Adobe Flash Player Installer

Friday May 5, 2017 1:07 pm PDT by Juli Clover
Well-known Windows backdoor malware "Snake" has been ported to the Mac for the first time, according to MalwareBytes. Described as "highly-sophisticated," Snake (also called Turla and Uroburos) has been infecting Windows systems since 2008 and was ported to Linux systems in 2014 before making its way to the Mac.

The Snake malware was found earlier this week in an installer masquerading as Adobe Flash Player, buried inside a file named "Install Adobe Flash Player.app.zip." It is designed to look like a legitimate Adobe Flash installer, but is signed by an illegitimate certificate.


It does, actually, install Adobe Flash Player, but it is accompanied by additional software that is malicious and designed to provide a backdoor into the Mac. The malicious files are well hidden in the /Library/Scripts/ folder and disguised as an Adobe launch process.
In all, this is one of the sneakier bits of Mac malware lately. Although it's still "just a Trojan," it's a quite convincing one if distributed properly. Although Mac users tend to scoff at Trojans, believing them to be easy to avoid, this is not always the case.
Apple already revoked the certificate that the Snake malware was using to infect Mac machines, but another iteration could pop up, so Mac users should be aware of the possibility.

Those infected by Snake are vulnerable to having data stolen, including login information, passwords, and unencrypted files.

To avoid malicious software, Apple recommends downloading content only from the Mac App Store or from trusted developers.

Tag: malware
[ 144 comments ]

Top Rated Comments

(View all)

Avatar
motm95
35 months ago
Mistake number one: installing Adobe Flash to begin with.
Rating: 92 Votes
Avatar
xxray
35 months ago
For all of those saying it's dumb to install flash, I have to for my homework and online classes for my university. I'd love to give it up, but some of us just don't have the option to.
Rating: 20 Votes
Avatar
dschulian
35 months ago
People still installing Flash?

Rating: 15 Votes
Avatar
InfoTime
35 months ago

But wait, I thought Macs don't get viruses???

This isn't a virus.
Rating: 13 Votes
Avatar
Olz
35 months ago
I feel like the people that wrote this malware wasted their time, all they needed to do was force people to install Flash...there are already enough backdoors in that to do what you want with, without adding extra ones.
Rating: 12 Votes
Avatar
Breaking Good
35 months ago

Amen to that, these days it's [Adobe Flash] just not necessary.


Sadly, I run into a number of Computer-based Training courses that still use it.
Rating: 11 Votes
Avatar
Olz
35 months ago

Mistake number one: installing Adobe Flash to begin with.


Amen to that, these days it's just not necessary.
Rating: 9 Votes
Avatar
Macaholic868
35 months ago

Find a new line of work bro


Agreed. He should ditch his entire career and livelihood because sometimes he has to use Flash. Makes perfect sense.
Rating: 8 Votes
Avatar
TMRJIJ
35 months ago
Yet another reason not to install Flash.
Rating: 8 Votes
Avatar
redheeler
35 months ago

Sadly, I run into a number of Computer-based Training courses that still use it.

It's better to just use Google Chrome for anything specific that still needs Flash. No need to run the installer.

With the amount of people using mobile devices these days, requiring Flash is quite a handicap for web-based content. But certain areas are always behind in updating to newer standards.
Rating: 8 Votes

[ Read All Comments ]