About a month ago, a new OS X trojan disguised as a Flash Player installer. Apple’s malware tools were immediately updated to counter the attack, but there are now reports of a new variant of the Flashback.A trojan coming around. This time, it is able to keep the malware tools from updating automatically.
Now called Flashback.C, the trojan disables the automatic update component of XProtect (Apple’s built in anti-malware). This prevents future updates that would be able to detect and remove the trojan. It also has the ability to connect to a remote server, although it is unclear what purpose this serves.
Mac users of OS X should only download Flash Player from trusted sources, mainly being Adobe’s official site.