How to tell if the Flash Player Installer is a virus

malware virus

There have been a couple of trojans recently that imitate the Adobe Flash Player installer, one of which is called OSX/flashback.A. (More info here.) I've been wary of updating Adobe Flash Player due to this trojan. How do I tell if the installer is the real thing, or if it's just a trojan? Also, where does it come from? I'm pretty sure the DMG for the trojan downloaded automatically, opened the installer, and wanted me to install it.

I know that I can download the official installer from the Adobe website, and will probably do this. However, my questions remain.

Best Answer

There are a couple of easy ways to identify the trojan in its current form (aside from downloading directly from Adobe or using AV software):

  1. The trojan is an installer package that opens with Installer.app; the real installer is an application (it doesn't use Installer.app).

  2. When run, the trojan installer looks like the screenshot of the trojan installer in the CNET article you linked to; the real installer looks like the screenshot of the real installer in that same article. (Screenshots reposted below.)

The trojan is found exclusively on sites that are not adobe.com, generally from malicious sites.

Legitimate Flash Player Installer: [screenshot: Real Flash Player Installer]

Trojan Installer: [screenshot: Trojan Installer]
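The first check in the answer above (installer package versus application) can be done on the mounted disk image without opening anything. The script below is an added example, not part of the original answer; it assumes you pass it the mount point of the image (a path under /Volumes), and a "package" result only means the item would open in Installer.app, which is the trait the answer describes for the trojan in its current form.

```shell
#!/bin/sh
# Classify the top-level items of a mounted disk image by what macOS would
# open them with. Nothing on the volume is executed.

# classify_item PATH -> prints "package", "application" or "other"
classify_item() {
    item=$1
    case "$item" in
        # Bundle-style packages are directories, flat packages are files;
        # both carry these extensions and both open in Installer.app.
        *.pkg|*.mpkg) echo package; return ;;
    esac
    # A flat package is a xar archive: it starts with the 4 bytes "xar!".
    # This catches a package that was renamed to hide its extension.
    if [ -f "$item" ] &&
       [ "$(head -c 4 "$item" 2>/dev/null | tr -d '\000')" = "xar!" ]; then
        echo package; return
    fi
    # An application bundle is a directory named *.app with Contents/Info.plist.
    case "$item" in
        *.app)
            if [ -d "$item" ] && [ -f "$item/Contents/Info.plist" ]; then
                echo application; return
            fi ;;
    esac
    echo other
}

# scan_volume DIR -> one "kind<TAB>name" line per top-level item
scan_volume() {
    for entry in "$1"/*; do
        [ -e "$entry" ] || continue
        printf '%s\t%s\n' "$(classify_item "$entry")" "$(basename "$entry")"
    done
}

# has_package DIR -> exit status 0 if any top-level item is an installer package
has_package() {
    scan_volume "$1" | grep -q '^package'
}

# Usage: sh check_volume.sh "/Volumes/<mounted image name>"
if [ "$#" -gt 0 ]; then
    scan_volume "$1"
fi
```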