Previous 1 5 6 7 8 9 Next 128 Replies Latest reply: Oct 24, 2011 12:59 PM by MadMacs0 Go to original post
  • Kurt Lang Level 7 Level 7 (34,900 points)
    There was such a site for a couple of days this week.

    Yes, that's all I really meant. Anyone trying to find Flash at that site name wouldn't have been able to find it, so I was just pointing to Adobe's site.

     

    Big surprise that it was very likely a malware site.

  • SteveKir Level 3 Level 3 (545 points)

    I have just got this on my desktop:

     

    Flash message.jpg

    I have not clicked on "See details...". (No way!) "Adobe Flash Player Install Manager" has been automatically launched. It could be malware which is programmed to launch "Adobe Flash Player Install Manager" as a way to increase its authenticity? When I quit "Adobe Flash Player Install Manager", the message box disappears.

     

    How can I find out where it came from? and:

     

    Is it safe?

     

    (BTW: I am on Lion 10.7.1, not SnowLeopard which is the OS for this Discussion.)

  • WZZZ Level 6 Level 6 (12,690 points)

    Go to the Adobe Flash Player download site and see if there's an update. This might legitimately be coming from the automatic update notification. If so, don't click on the pop-up, get it from the Adobe site as a standalone and install it. The latest Flash is 11.0.1.152

     

    https://www.adobe.com/support/flashplayer/downloads.html

  • cathy fasano Level 2 Level 2 (340 points)

    Yeah, great going Adobe, where your legitimate software update procedures are indistinguishable from trojan horses.

     

    If I take away anything from this thread, it's this:  if you get an automatic upgrade notification from adobe, take that as meaning that you should CLOSE THE PANEL, go to the adobe website and download the upgrade and install it manually. 

  • WZZZ Level 6 Level 6 (12,690 points)

    I don't know if they are indistinguishable from the Trojans -- and, in general, for security reasons, I'm no great fan of Adobe Flash or Reader, but, if true, why would that be Adobe's fault? FWIW, if one pays the least bit of attention -- providing one is a native English speaker or well schooled in English usage -- one will notice the pop-up from the Trojan is written in broken English, probably by some Russian or Ukrainian.

  • SteveKir Level 3 Level 3 (545 points)

    That seems safe. However, to avoid phishing, it would be best to type in Adobe's site address manually, I think.

  • WZZZ Level 6 Level 6 (12,690 points)

    That's a good idea when presented with a link in an email. But typing in the link I gave you manually won't change anything for getting redirected, and I don't think there's any chance of being redirected/phished. You'd have to worry, maybe, if you were getting this from a pop-up. It's the right link. Just click on "Get the latest version."

     

    Now, if it were something like Get FlashPlayer Update Here.

     

     

    Always check the staus bar to see where a text link really goes. And for a link in email, hover the mouse over the link and you'll get a yellow tool tip to show  the actual URL.

     

    Message was edited by: WZZZ

  • SteveKir Level 3 Level 3 (545 points)

    This has gone very quiet. Have there been any developments? Is the panic over?

  • MadMacs0 Level 5 Level 5 (4,560 points)

    SteveKir wrote:

     

    This has gone very quiet. Have there been any developments? Is the panic over?

    As far as I know that last time they distributed anything was around Oct 11 for a very short period of time. One can only speculate as to when they might return with their next attack nor has there been any evidence that they have used the backdoor capability on the infected machines that are still out there for anything.

Previous 1 5 6 7 8 9 Next