Malwarebytes flags fake Flash update

Unusual and inappropriate ads injected into websites.

Security firm Malwarebytes has sounded the alarm on a new bogus Flash Player update which causes legitimate advertisements to be replaced with spam and inappropriate banners.

FlashPlayer11.safariextz is a convincing fake browser extension, Malwarebytes claims. It uses the correct Flash Player logo and even includes a hyperlink to the official Adobe website.

Advertisement - Article continues below

The bad guys are banking on the fact people are aware how important it is to apply software updates

However, once installed, the application either introduces its own intrusive adverts or overlays the official ads on legitimate websites with its own.

According to Malwarebytes security analyst Jerome Segura, the authors of this rogue application are hoping to tap into the lucrative business of web advertising by generating revenue from users clicking on the fake adverts.

"Online advertising is a billion dollar industry and everybody wants to have a piece of it. With such invasive adverts, cyber-crooks are likely to generate a lot of views' and even pay per clicks," he said.

As pointed out in Segura's blog post, these adverts are not only intrusive, but also indiscriminate in what they display.

"Shortly after being installed, [FlashPlayer11.safariextz] will begin to inject very rough advertisements on any website you visit," said Segura.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"For example, I visited pbskids.org, a site for children to play games and watch their favourite characters, when all of the sudden a pornographic advertisement was displayed," he added.

According to Segura, the malicious extension is being pushed from various websites, but most commonly comes from adult websites.

He also said he found it "interesting that the bad guys are banking on the fact people are now quite aware of how important it is to apply software updates".

"This is why you should always install updates from the vendor's official website to avoid nasty surprises," he advised.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Recommended

Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

30 Jun 2020
Visit/security/hacking/356152/searching-for-a-new-job-that-linkedin-job-offer-may-be-fake
hacking

Searching for a new job? That LinkedIn job offer may be fake

19 Jun 2020
Visit/security/malware/355093/evasive-malware-threats-are-surging
malware

Evasive malware threats doubled in 2019

24 Mar 2020
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

2 Mar 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/policy-legislation/data-protection/356344/eu-institutions-warned-against-purchasing-any-further
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020
Visit/security/vulnerability/356295/microsoft-patches-high-risk-flaws-that-can-be-exploited-with-a
vulnerability

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020