Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Adobe Flash, with its long lineage of providing Internet-connected computers with a platform for specialized multimedia and motion graphics, has been through hell and back when it comes to malicious exploits and vulnerabilities. While Flash is on a non-stop roller coaster of being the gateway for hackers to exploit computers, they face a new opposition as there is an uprising of fake flash player download pages peddling malware on the wild Internet.
The screenshot below in Figure 1 is of a recently discovered Adobe Flash Player spoof site using a shady URL. Security analysts from Symantec first analyzed the scam and found that it is a two-faced attack utilizing a pop-up notification to download a fake flash player while the other avenue guides users to a simple \"Download Now\" button.
If either the pop-up or Download Now button are accessed, PC users will be prompted to download a file named \"flash_player_updater.exe\" or \"update_flash_player.exe\". Fortunately for us, we have been down this road before and outlined many cases where malware-peddlers have utilized a fake flash player with a name similar to \"flash_player_updater.exe\". In those instances, the fine was found to infect a computer with malware.
In knowing that there are these fake Adobe sites on the internet, PC users may look for specific indicators to help give away which site is a counterfeit. One aspect of a fake Adobe site that researchers have revealed is to look at the URL. If it resembles \" [REMOVED]rks.com/adobe/\", then you may have run into one of the malicious sites. Moreover, when clicking on the \"Download Now\" button on a fake Adobe Flash Player site and error pages show up, it may be a clear indication of the link or site being malicious as well.
In case you are wondering what exactly the malware spread by these fake Adobe Flash Player sites does, look no further than your common Trojan designed to steal passwords from a compromised system, adware that displays repeated advertisements with potentially malicious links, or a Ransomware threat pretending to be the FBI or Interpol asking for payment of a large fine for purportedly doing something illegal online. In any situation, Adobe Flash Player should be downloaded or updated directly from the Adobe.com website. 1e1e36bf2d