Fake Flash Player download pages pushing malware
Posted on 27.02.2013
As you may already heard, Adobe has pushed out an update for Flash Player that fixes vulnerabilities discovered to be currently exploited in the wild in targeted attacks.

If you haven't set up automatic updating for Flash, you will have to find and download the update yourself, and the best place from which to pick it up is Adobe's official Flash page.

I'm reiterating this because there are web pages out there that spoof Adobe's legitimate one, and they are pretty well crafted (click on the screenshot to enlarge it):



But that thing that should give them away - if you're looking for it - is the shady URL (in this case: http://16.a[REMOVED]rks.com/adobe/). Also, clicking on most of the links apart from the "Download" button will reveal error pages - a sure indicator that something is very wrong.

Symantec researchers have analyzed the scam and point out that unfortunate visitors to the page are attacked from two sides.

"Option 1 is a pop-up message that requests the user to download a file named flash_player_updater.exe. Option 2 is the 'Download Now' button that requests the user to download a file named update_flash_player.exe," they say, and both contain the Ponik Trojan downloader.

Once installed, the malware proceeds to steal passwords from the compromised computer, then install either a piece of ransomware that impersonates the FBI or Interpol, or an ad-clicking component.









Spotlight

How safe are Android-based children’s tablets?

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Feb 26th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //