According to Russian security firm Doctor Web, there are an increasing number of Mac-focused Trojans that install extensions for Safari, Chrome, and Firefox. These extensions are designed to embed third-party ad code into otherwise unrelated Web pages, funneling the clickthrough revenue back to the malware authors. The Trojans use a variety of techniques to fool users into installation, including masquerading as video plug-ins, media players, download accelerators, and more. To be safe, avoid installing software from sites that prompt you to do so — always get software from trusted sources. follow link
- LaunchBar 6.3
- Final Cut Pro X 10.2, Compressor 4.2, Motion 5.2
- OS X Yosemite 10.10.3 Supplemental Update 1.0
- DEVONagent Lite, Express, and Pro 3.9.1
- FileMaker Pro 13.0.9
- iTunes 12.1.2
- GraphicConverter 9.6.1
- 1Password 5.3
- Security Update 2015-004 (Mountain Lion, Mavericks)
- Safari 8.0.5, 7.1.5, and 6.2.5
Time for a Fetch Refresh?
In the Fetch FTP client, if you see a time stamp like "As of 6/19/10 2:29 PM" above the file list, that means that Fetch is re-using a file list it downloaded earlier. Click the swooshing-arrow refresh button (located beside the time stamp) to refresh the list.
Visit Fetch Softworks
Beware Trojans Bearing Ads
Does this mean one should turn off AutoUpdate or use it strictly as a notice that one should go the original vendor's web site to get the latest update?
The main thing is, if a Web page pops up a dialog saying "You need the IMGOINGTOSTEALYOURFACE plugin to view this content." click Cancel and close the page as quickly as possible. And even if a site says, "You need the Microsoft Silverlight plugin to view this content." go to the Microsoft site manually to download and install it, rather than getting it from the prompt.
Does this mean extensions from other sources are suspect? How does one go about determining their safety? (Crap, and I thought Mac users didn't have to fuss about this stuff.)
This is actually a big deal, and I believe Google has changed Chrome so that you can download Chrome extensions only from the Chrome Web Store rather than from developer sites for just the same reason.