Page 1 of 2 12 LastLast
Results 1 to 9 of 14

Thread: Got hit with a fake Flash Player update

  1. #1

    Default Got hit with a fake Flash Player update

    Was in one of the threads on the college page when I got an alert to install an update for the Flash Player. The screen kind of faded gray on the sides and the adobe alert was right in the middle of the thread/page. Immediately tried to get me to save an exe to install flash.

    Was running Microsoft Security Essentials and it caught it right away, here are the details from their stie:

    http://www.microsoft.com/security/po...tid=2147627865

    It likely came from something via your ad network but wanted to give the heads up. I canceled the download, went to adobe's site and verified that I was on the latest version and did not need an update.

    I had multiple tabs open but I was in the TWT page and that alert only showed on the tab for the forums.

  2. #2

    Default Re: Got hit with a fake Flash Player update

    Quote Originally Posted by Gantry View Post
    Was in one of the threads on the college page when I got an alert to install an update for the Flash Player. The screen kind of faded gray on the sides and the adobe alert was right in the middle of the thread/page. Immediately tried to get me to save an exe to install flash.

    Was running Microsoft Security Essentials and it caught it right away, here are the details from their stie:

    http://www.microsoft.com/security/po...tid=2147627865

    It likely came from something via your ad network but wanted to give the heads up. I canceled the download, went to adobe's site and verified that I was on the latest version and did not need an update.

    I had multiple tabs open but I was in the TWT page and that alert only showed on the tab for the forums.
    What page were you on?

    The ad service is managed by Google, so if there is an issue I'm sure it will be dealt with swiftly.

    Thanks for the heads up.

  3. #3

    Default Re: Got hit with a fake Flash Player update

    Unfortunately I don't remember which thread and had closed Firefox and the tab to be safe before posting.

    Was very well done, almost had me fooled and I get paid to clean up PCs that get infected with this stuff! Also the first Firefox-specific malware I've actually seen, though I've heard of them out there.

    Like you said though, if it was via google I'm sure it's been stopped already. If only malware writers (who are amazing clever) used their power for good..

  4. #4

    Default Re: Got hit with a fake Flash Player update

    Quote Originally Posted by Gantry View Post
    Unfortunately I don't remember which thread and had closed Firefox and the tab to be safe before posting.

    Was very well done, almost had me fooled and I get paid to clean up PCs that get infected with this stuff! Also the first Firefox-specific malware I've actually seen, though I've heard of them out there.

    Like you said though, if it was via google I'm sure it's been stopped already. If only malware writers (who are amazing clever) used their power for good..
    Yeah, some of that stuff they put out is pretty clever. Like the viral facebook/myspace messages and mimicking a legit flash install.

    I still don't understand why Google allows them to host their banners on a separate server though.

  5. #5

    Default Re: Got hit with a fake Flash Player update

    Just got it again in the "NCAA Survey RE Format, Timing of Wrestling Championships" thread

  6. #6

    Default Re: Got hit with a fake Flash Player update

    Pretty sure the nefarious URL in question from that thread is secureupdatetracking.com, that shows up when I load the thread and I'm fairly certain that's where the flash exe was trying to download from, the first time I got it.

    WHOIS info on that domain - registered in asia and hosted in the UK:

    http://www.networksolutions.com/whoi...tetracking.com

    You may want to see exactly where the reference to that domain is being handled when loading the page, certainly doesn't seem like a legit site and google/twitter info is non-existant

  7. #7

    Default Re: Got hit with a fake Flash Player update

    Yeah, I tracked it down, banned him and banned the whole range of IPs for his country.

  8. #8

    Default Re: Got hit with a fake Flash Player update

    haha.. you actually did copy it, too.

  9. #9

    Default Re: Got hit with a fake Flash Player update

    I realized about .000234 seconds after posting that I might have made a mistake with the copy/paste. I gotta say, that was an impressively well written piece code. With the news that Mozilla will now notify you when your flash is outdated I actually thought it was was legit at first...

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •