Anatomy of a Phony Flash Player (can we just call it Phlash?)

A few moments ago I was "somewhere on the internet" prompted with a huge pop up telling me I needed to update to the latest version of Flash...

User uploaded file

For the most part I avoid this software, but the company I work with is determined to use web content from providers who just refuse to use anything else.


A brief note: this fraud did not come from that 3rd party site that is required. I was elsewhere, trying to join what appeared to be a legitimate forum on the web (for guitar players, if you want to know), which was apparently hacked or had fallen on bad times and was resorting to shoddy clickbait ads. While this type of scam is common with sites that offer warez or content you don't feel like paying for right now or ever, it has become more common on sites you would not necessarily associate with illegal and immoral activity (why I play guitar in the first place).


So, having an actual copy of Adobe Flash from Adobe still in my download folder, from the horse's mouth (adobe.com), I clicked Install, yes, the fake install, to see what happens next...

User uploaded file

What happens next is the program downloads and opens an installer window on my desktop. Let's compare fake Flash to Adobe's genuine article:

User uploaded file

Now I really want to commend these scammers on their attention to detail; they really were so subtle with the installer window it boggles the mind as to which one is which (spoiler: the real one is on the right!)


So let's compare file size: (highlight the installer icon, hold down CMD and type "i")

User uploaded file

The fake package is 1/10th the size of the genuine, and while I don't know what's in the package (and while Apple Gatekeeper is enabled I'm not going to click to find out), there is a package here, so let's take a closer look.

User uploaded file

Again, fake on the left, actual Flash on the right.


So what I'm attempting to do here is foster conversation about this type of scam, because it's a popular one and there seems to be no end to where it pops up, and the fact that it can be found more often on sites you wouldn't consider unscrupulous may portend a more concerning trend in distributing garbage or possibly far worse.

Mac Pro, macOS Sierra (10.12.3), Dual Xeon 2.4, 24GB RAM

Posted on Mar 1, 2017 1:26 PM

There are no replies.