Malwarebytes flags fake Flash update

Unusual and inappropriate ads injected into websites.

Security firm Malwarebytes has sounded the alarm on a new bogus Flash Player update which causes legitimate advertisements to be replaced with spam and inappropriate banners.

FlashPlayer11.safariextz is a convincing fake browser extension, Malwarebytes claims. It uses the correct Flash Player logo and even includes a hyperlink to the official Adobe website.

The bad guys are banking on the fact people are aware how important it is to apply software updates

However, once installed, the application either introduces its own intrusive adverts or overlays the official ads on legitimate websites with its own.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

According to Malwarebytes security analyst Jerome Segura, the authors of this rogue application are hoping to tap into the lucrative business of web advertising by generating revenue from users clicking on the fake adverts.

"Online advertising is a billion dollar industry and everybody wants to have a piece of it. With such invasive adverts, cyber-crooks are likely to generate a lot of views' and even pay per clicks," he said.

As pointed out in Segura's blog post, these adverts are not only intrusive, but also indiscriminate in what they display.

"Shortly after being installed, [FlashPlayer11.safariextz] will begin to inject very rough advertisements on any website you visit," said Segura.

"For example, I visited pbskids.org, a site for children to play games and watch their favourite characters, when all of the sudden a pornographic advertisement was displayed," he added.

According to Segura, the malicious extension is being pushed from various websites, but most commonly comes from adult websites.

Advertisement - Article continues below

He also said he found it "interesting that the bad guys are banking on the fact people are now quite aware of how important it is to apply software updates".

"This is why you should always install updates from the vendor's official website to avoid nasty surprises," he advised.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

23 Dec 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/microsoft-windows/354526/memes-and-viking-funerals-the-internet-reacts-to-the
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
Visit/network-internet/broadband/354530/openreach-offers-free-full-fibre-installation-for-thousands-of
broadband

Openreach offers free full-fibre installation for thousands of homes

14 Jan 2020