RSS Alerts

Share

More services

Related Links

  • Barracuda Labs
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Safer Internet Day – watch out for fake updates says Webroot
    Today, as you may have noticed, is Safer Internet Day, when vendors in the IT security world will almost certainly be appearing on the radio and TV explaining how to surf the net more securely. But, says Webroot, one of those vendors, users should watch – especially today – for fake updates to their security software.
  • Trend Micro warns that Koobface abuses Google Reader
    Trend Micro has uncovered that the Koobface botnet is now abusing Google Reader, the web-based data aggregation service, routing internet users to infected websites via seemingly innocent Youtube videos.
  • Breaking the Online Bank
    As technology and online behaviors change, so too do methods to compromise a person’s – or organization’s – most vital assets: their financial details. Ted Kritsonis examines how cyber thieves are adapting, and what the banks are doing to stop them
    Members' Content
  • Data Breach Spring
    Infosecurity’s Drew Amorosi examines three data breach incidents from the past few months that, by their nature, keep security vendors in business, regulators busy, and CISOs up at night. Find out why industry observers think this rash of massive breaches could lead to a ‘PCI for consumer privacy’
  • The Gods of Phishing
    Some phishing attempts are truly ethereal – near flawless representations of official communications. Others, however, are mere mortals. And then there’s the absolutely absurd. Esther Shein visits the pantheon of scammer emails

Top 5 Stories

News

Fake Adobe Flash updates lure the unwary

09 July 2010

Barracuda Networks has warned internet surfers to be wary of fake Adobe flash updates, after it uncovered a number of compromised sites in the wild which present unwary visitors with an official-looking Adobe Flash update page.

Even though this page looks convincing, the IT security vendor says that downloading the `update' only provides the user with a nasty piece of malware that is classified by McAfee as Downloader-CEW.f.

As a result of its findings, Barracuda is urging users to only get Adobe Flash updates directly from the source - http://get.adobe.com/flashplayer.

According to the IT security vendor, by tracking trending news topics, hackers quickly register a rogue website which climbs the news trending charts fairly quickly.

Clicking on the highlighted result when a search for news is carried out sends the user directly to the fake upgrade page.

But there is a way to spot the fake pages, as Barracuda reports that the dialog boxes opening to the malware only allow uses to click `continue' and other clicks are ignored.

And, says the company's security blog posting, if the user does run the file, it will download a background clicker that uses the Internet connection to generate fake Internet traffic.

"While this activity goes on unseen, additional scamware and spyware programs are downloaded", says the IT security vendor.

The problem, says the firm, is that an unsuspecting user can be compromised in no time, which is why it is recommended to get Adobe Flash updates directly from the source.

This article is featured in:
Application Security • Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012