There is a new Mac Trojan rumored to be making the rounds named BASH/QHost.WB, disguised as a fake Adobe Flash installer.

This Trojan is of the DNS changer variety, and once infected modifies the /private/etc/hosts file to redirect google traffic to a server in the Netherlands. It looks like you are visiting legitimate a google page, however the hijacked site is ripe with phishing potential.

It is unclear where this fake Adobe Flash installer is being downloaded from, or even if it’s been released in the wild. As with all Mac Trojans, in order to be infected the user must manually authenticate using an administrator user account to complete the install. Because Lion doesn’t include Adobe Flash, its possible some people are searching for the installer and find this Trojan instead.