You may recall reports from last month that a new OS X trojan had surfaced, disguising itself as the Flash Player installer. Apple swiftly updated their anti-malware tools to counter the attack, but F-Secure now reports that a new variant of the Flashback.A trojan is making the rounds, and can prevent Apple’s anti-malware tools from auto-updating.
The revised trojan, called Flashback.C (installer pictured above), disables the automatic update component of XProtect (Apple-s built-in anti-malware app), effectively preventing OS X from receiving updates necessary to automatically detect and remove the trojan.
The trojan is also capable of connecting to a remote server to download and run additional code, but it’s so far unclear what the purpose of the exploit is, or how it might be used by by the hackers who developed it.
Users of OS X are advised to download Flash Payer only from trusted sources (like Adobe’s official site) to avoid this trojan. It’s likely that Apple will be releasing an update or removal tool of some kind to counter the exploit.