I just wanted to share an experience I had with a fake Adobe Flash updater that contains some pretty scary and extremely annoying Malware. This probably isn't typically what would go in this forum, but I think you need to know because there isn't much info on it that I can find, and it really caused complete chaos with Voiceover for me... I can find lots of info about a "Flashback Trojan" that appeared a while ago, but I believe this is a new version of the thing that's gotten worse. It first appeared about a week ago in the form of a popup window on Spotify saying that I couldn't listen to Spotify content until Adobe Flashplayer was updated. It had the Adobe logo and seemed completely legit. I didn't think twice about clicking the download button since I know Spotify requires Flash to play, and I've installed updates in the past for that reason. A file called "Flashplayer.pkg" was downloaded, which now that I think about it, that should've been a flag because the real updates have always been in .dmg files. I launched the installer package from the downloads folder with command + o and was immediately given the security popup saying that the application was downloaded from an unknown source, and was I sure I wanted to open it. I've gotten this popup in the past when I've downloaded updates straight from the Adobe website, so I clicked right past it. At this point, I was presented with a lovely unlabeled image... I could tab around enough to tell that it was asking me to agree to those terms of service that very few people actually read, but I had to enlist sightling assistance to check the box inside the image. After that, I was taken to another unlabeled image that asked if I was ready to install Flashplayer and had an "install now" button. The next dialogue was accessible and asked for my Apple ID and password. By then, I think the Malware had already installed itself, and entering my password only allowed it to go deeper into my system and probably handed the hackers the keys to my digital kingdom on a silver platter... But still under the impression that the thing was a normal Adobe update, I entered my info and clicked "ok." All was good for about an hour, when I discovered that Spotify was still demanding an update and wouldn't play. I launched the installer again thinking that maybe it didn't go since my mom was the one who helped with the images, and she isn't exactly tech savvy. Upon doing that, my system was instantly taken over by multiple popup windows that didn't respond well to keystrokes and multiplied by the dozens. Within the hour, I had some weird stuff in my downloads folder, and there were images labeled with strange lines of code in the finder toolbar and the toolbar at the top of Pages. I ran MacKeeper and came up with nothing. Now obviously something was horribly wrong, so I looked through my downloads, user library, and running scripts. I got pretty unnerved upon seeing something with "Trojan.backdoor" in the title, so I started doing some extensive googling. Turns out there are two versions of this fake Flash update that have been reported. One is pretty harmless but extremely annoying, and just contains adware that will drive you up the wall with incessant popups. The other one, (the one I believe I got), is scarier and seems to contain the average adware, a virus or worm of some sort that invades your files, and the Trojan that allows whoever created this thing to do basically whatever they want on your system. Anti-malware stuff doesn't always detect it either because somehow or another it's wrapped up nicely in authentic licenses that get it right past the firewall. And if you have Java enabled in your Safari extensions, the thing can install itself without you having a clue until your computer starts acting like it's possessed by evil spirits. I went through all the folders where the stuff has been reported to hide and deleted a ton of files. Then I ran MalwareBytes and removed a ton of adware that I didn't find manually. It was NOT an easy process with Voiceover, as there were still popups like crazy that weren't really willing to go away. My system is now running about five times faster than it was, but the whole reason for writing this long post is to warn you that I lost some data. I had some custom keymaps and such for a braille display that I'd made myself, along with several other script files because I'm starting to learn a little programming, and those are either gone entirely or seem to have been chewed to pieces. The thing also created total chaos in my apps folder. It seems to have picked random bits of programs and dropped them in remote corners of my system. Several files in Dropbox were corrupted, and something has embedded itself in my Spotify application. I'm at the point now where I think I'm going to have to completely restore the hard drive and pray I have a recent backup from before all this happened. To summarize all that, make sure you get your Adobe updates straight from adobe and NOT from any random popups, unless you wanna spend your entire weekend going on a scavenger hunt for everything that's broken or out of place! FYI... The real Adobe Flash installer worked like a charm with Voiceover for me, and it did NOT ask for my password!
Sorry for the ridiculously long post, but I really hope this saves somebody from the horror of installing this thing! :)