However, if the Package installer is located in the DMG volume, then you will be prompted to continue the installation.Īs a result, victims may find that their OS X computers have had a number of potentially unwanted programs (PUPs) installed on their systems. pkg file, also known a flat package, and has been signed with a legitimate Developer ID certificate - effectively tricking OS X’s built-in Gatekeeper security to believe that the files can be trusted and are not malicious.Ĭuriously, if the Mac Package installer, called Product.pkg, is located outside the DMG volume and the DMG volume Installer is unmounted, then you will receive a “Missing parameters” error. The in-the-wild attack has been spread in the form of a Mac Package installer.
Intego security experts have identified the rogue package installer as a variant of OSX/InstallCore, and have updated Intego VirusBarrier definitions to provide protection. Mac users are once again being urged to exercise caution when installing updates to Adobe Flash Player, after a fake update was discovered infecting computers. Malware + Recommended + Security News Mac Users Attacked Again by Fake Adobe Flash Update
