IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Malwarebytes flags fake Flash update

Unusual and inappropriate ads injected into websites.

Security firm Malwarebytes has sounded the alarm on a new bogus Flash Player update which causes legitimate advertisements to be replaced with spam and inappropriate banners.

FlashPlayer11.safariextz is a convincing fake browser extension, Malwarebytes claims. It uses the correct Flash Player logo and even includes a hyperlink to the official Adobe website.

However, once installed, the application either introduces its own intrusive adverts or overlays the official ads on legitimate websites with its own.

According to Malwarebytes security analyst Jerome Segura, the authors of this rogue application are hoping to tap into the lucrative business of web advertising by generating revenue from users clicking on the fake adverts.

"Online advertising is a billion dollar industry and everybody wants to have a piece of it. With such invasive adverts, cyber-crooks are likely to generate a lot of views' and even pay per clicks," he said.

As pointed out in Segura's blog post, these adverts are not only intrusive, but also indiscriminate in what they display.

"Shortly after being installed, [FlashPlayer11.safariextz] will begin to inject very rough advertisements on any website you visit," said Segura.

"For example, I visited pbskids.org, a site for children to play games and watch their favourite characters, when all of the sudden a pornographic advertisement was displayed," he added.

According to Segura, the malicious extension is being pushed from various websites, but most commonly comes from adult websites.

He also said he found it "interesting that the bad guys are banking on the fact people are now quite aware of how important it is to apply software updates".

"This is why you should always install updates from the vendor's official website to avoid nasty surprises," he advised.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Costa Rica declares state of emergency following Conti ransomware attack
ransomware

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022