Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

July 2, 2019

Never-before-seen Mac malware, dubbed OSX/CrescentCore, has been discovered in the wild. The trojan, spotted on various websites masquerading as an Adobe Flash Player installer, drops malicious applications and browser extensions on victims’ systems when downloaded.

OSX/CrescentCore is spread via various websites, where it is masqueraded as an Adobe Flash Player installer. However, the “installer” is actually a .dmg file (an Apple disk image) that delivers the malware.

“One variant of OSX/CrescentCore was observed dropping potentially unwanted applications, rogue software like OSX/AMC (short for ‘Advanced Mac Cleaner’),” Joshua Long with Intego, who discovered the malware, told Threatpost on Tuesday.

Read More on Threat Post