donetao

New Member
Hi! This is just my opinion, and I'm not a trained malware fighter. I believe that the fake adobe flash player updates are coming in through Google Chrome browser. I have had two seniors using Chrome tell me They had a pop up adobe up date and that's when they started having malware problems after ;clicking on the fake Adobe up date. This is just MHO;) After cleaning up their PC's and uninstalling Chrome,they have not reported any more issues.
 
  • Like
Reactions: JakeXPMan

Spawn

Administrator
Verified
Staff member
Google Chrome will not ask it's users to update Flash Player. The Browser, Extensions and built-in Plugins are silently updated in the background with no user interaction required.

Do your clients use any Adblocking software or extension?
 

donetao

New Member
Google Chrome will not ask it's users to update Flash Player. The Browser, Extensions and built-in Plugins are silently updated in the background with no user interaction required.

Do your clients use any Adblocking software or extension?
Hi @Huracan No most residents don't use Adblockers. Most of them use IE and so far none of the residents using IE or Firefox have seen this pop up.
Please read this link!
Thank you for your reply!
http://www.zdnet.com/article/fake-chrome-adobe-flash-updates/
 

Spawn

Administrator
Verified
Staff member
Yes, that is a social engineering to trick the user. As previously said, Google Chrome will not ask users to update Flash Player.

Adblocking software can prevent a lot of social engineering tactics (ie. Ads imitating download buttons) etc.

If I recall correctly, you had this issue before. So again, utilising an Ad-blocker in Chrome should help limit the damage.
 

donetao

New Member
Hi I have limited the Adobe pop up. I have uninstalled Chrome both times and the senior has not reported any more issues.
I understand that Adobe is up dated without user interaction. This is a new virus and if you read my link, you will see why I started this thread. It's not Adobe or Chrome!!!

This morning I stumbled across what seems to be a new malware-spreading technique: A fake updates for Google Chrome and a fake "media player" update that is designed to look like it's coming from Adobe.


Both updates are digitally signed by valid VeriSign code signing certificates. This is not unprecedented, but it's highly unusual for malware authors to use an expensive provider like VeriSign. VeriSign Authentication Services are now part of Symantec.


The fake Chrome update uses a logo similar to Chrome's, but obviously distinguishable from it. The page correctly identifies the version of Chrome I was running (the current version) and then says that it "may be outdated".
 

donetao

New Member
Hi! These are just my thoughts. Chrome is probably now the most used browser. It only makes sense to me that it would be the browser that the trouble makers would use to cause their grief. I don't have any prof. Just know what I read and see. There is a epidemic and it seems to tie in with Google Chrome. Just check out our malware section and read the Chrome complaints.
 

donetao

New Member
Hi! I hang around a lot on MT, but I'm also out and around and seeing these things in my village. I also hang out a lot in the malware section here at MT. I'm seeing our malware team telling our infected members to uninstall Chrome. So far I haven't see them recommend uninstalling IE or Firefox??? That's telling me some thing about Chrome! These are just my thoughts for what their worth.;):(
 

darko999

Level 17
Verified
Adobe flash is a nice name for most malvertising organizations. A good ads bl0cker software or extension is always recommended, it will filter a nice amount of these fake adobe flash ads. Chrome has a built-in adobe flash plugin that google updates with chrome itself, as someone already said, so clicking on any pops up about adobe flash on chrome is more likely malvertising.
 

donetao

New Member
Adobe flash is a nice name for most malvertising organizations. A good ads bl0cker software or extension is always recommended, it will filter a nice amount of these fake adobe flash ads. Chrome has a built-in adobe flash plugin that google updates with chrome itself, as someone already said, so clicking on any pops up about adobe flash on chrome is more likely malvertising.
Hi If you read the link I attached, you will see it's a lot more than just Adobe pop ups. I don't wish to argue. I know about adblockers.
I have been around the block a couple of times. I have seen every thing from W98 to W7 to W8.1 in my village. Our malware fighters are recommending uninstalling Chrome because it is highly infected. That's telling me it's very possible that Chrome is being attacked by people spreading malware. Please read my attached link.Also can be found in my first replies!
http://www.zdnet.com/article/fake-chrome-adobe-flash-updates/
 

darko999

Level 17
Verified
Hi If you read the link I attached, you will see it's a lot more than just Adobe pop ups. I don't wish to argue. I know about adblockers.
I have been around the block a couple of times. I have seen every thing from W98 to W7 to W8.1 in my village. Our malware fighters are recommending uninstalling Chrome because it is highly infected. That's telling me it's very possible that Chrome is being attacked by people spreading malware. Please read my attached link.Also can be found in my first replies!
http://www.zdnet.com/article/fake-chrome-adobe-flash-updates/
No problem mate I'm not argueing or anything. I'm just stating that Chrome is not infected, if you download chrome from google, and install it, it's clean. There is no magic that will infect your chrome browser until you click on something or you surf anything so you can get infected by java scripts / exploits / malvertising / dobleclick / etc. Chrome is a great browser, very popular so it's common to be targeted by malware more often than other browsers.
Quoting from your source:

""
I discovered the files by accident. Through a typo in the address bar I went to an address from which the browser was redirected a couple of times until it ended up on a page which loaded one of the two attacks described above. I have notified the Administrative contact for the domain, which appears to have been parked.

The first time I encountered the files I got to the pages with no problem. Shortly thereafter, Google Safe Browsing API blocked access to them in Firefox and Chrome.""

It's clear that he had to go a bit deep to get to the webpage that did redirect him to the page that downloaded a VeriSign signing certificate installer. So far the browser wasn't infected, but a user behavior leaded into a unsecure place with unsecure content. This is common, as you can see to downlod a bunch of stuffs from internet you will have to deal with ads, ads will load windows in the background and these windows can auto download files sometimes, plus the pop's up. The thing is I don't like it calling Chrome browser is infected, because it is not.
 

donetao

New Member
Hi Thank you for your reply @darko999 . I'm not trained in malware. Your reply is over my head. I just try to help on MT to the best of my ability. I don't know what is causing all these problems in our malware section. I just know what I observe in our malware section and try to make a hand here on MT
Thanks for your reply!
 
  • Like
Reactions: darko999

AtlBo

Level 27
Verified
Content Creator
I feel like much of this stems from a simple misunderstanding on the part of the animal behind (operating) the browser. I have worked with my mother an father to understand computers better, and what I like to explain is that what is in the browser is "live" and coming into the computer from someplace else (and from who knows whose computer). Then, as painful as it is to explain how people exploit the privilege of PC/computer ownership, it is easier to explain how fake offers happen on the internet. Stepping into the web world these days is stepping back to the wild west for sure, but, no mistake, the bad guys are after $$$. Have to make this clear with PC users.

Web site owners are responsible for their pages, and it's websites that introduce most of the malware that leads to the pop ups and false ads and keylogging exploits and so on. I think this is important to remember. However, if web site owners don't know code, they are at the mercy of whoever they pay to create their page(s). Maybe this isn't as much of a problem with big companies, but I feel that the PC industry really must find a way to weed out those who choose to use such an amazing opportunity, such as building websites, to become a distraction to the benefits of owning a PC and generally a thorn.

On the positive side. Malwarebytes Anti-exploit might be the answer for alot of this. I just started using the program, and it hasn't found anything, yet, but the exact purpose of this software is to thwart internet related malware intrusion. We all know that Malwarebytes is a company that we can trust. Definitely, I would recommend it already, and I have friends who recommend it to everyone they talk to about computers. I also recommend YouTubing for the videos on this product.

Yeah, it's time for the Duke:

 
  • Like
Reactions: frogboy and donetao

jamescv7

Level 61
Verified
Trusted
In dealing for Flash Player the easy way to determine is by showing the updater notification itself (non Chrome) running on background services pertaining about the new updates such it does not showing in the webpage where the fake flash player updates does in opposite way.

The user must be supervise that the flash player has been installed to avoid clicking on those malvertize sites.

Agree where adblockers will be the first prevention for it.

:)
 
  • Like
Reactions: frogboy and donetao

ikkigooners

Level 1
It's not Chrome's fault, it is simply a social engineering attack, some malicious pop-up acting like an update for Flash Player, whenever you click on it, it automatically install the malware or redirecting you to a webpage to download the fake Flash Player. Any browser without Ad-blocker can get those malicious pop-up and ended up suffering from a malware infection. Always using common sense when surf the internet, stay away from unpopular website, porn, crack, etc. as they're most likely a malware hive.
 
  • Like
Reactions: frogboy and donetao

donetao

New Member
Hi Thanks to all that replied to this thread. Why isn't IE and Firefox seeing this?? Seriously have you seen any IE or Firefox members asking for help in our malware section. I admit I'm not the sharpest crayon in the box and some of your replies are over my head.
I'm not blaming Chrome. I'm just saying I think they are a target for this. I guess we'll know more in the future??
PS Are any of you MT members following our Malware section??
 

ikkigooners

Level 1
Have you tried visiting the same website that offering those fake update using IE or FF? If you tried it and no fake pop-up, assuming no ad-blocking extension were installed, then it may be a targeted attack on Chrome user.
 

donetao

New Member
Have you tried visiting the same website that offering those fake update using IE or FF? If you tried it and no fake pop-up, assuming no ad-blocking extension were installed, then it may be a targeted attack on Chrome user.
I'm not getting any fake up dates. I help seniors with their computers and printers here in my retirement village for free. I only know what they tell me. I just know when they ask for my help,they are heavy infected and they tell me they clicked on a Adobe or Chrome pop up up date. I'm advising them to use a different browser until this issue is solved. And I do install WOT and add Adblocker + to IE or Firefox browsers, and tell them not to click if they don't want a ticket.;)I spend time in the field, not just hours here on Mt. I don't know if Chrome is being targeted, but it sure seems that way to this old country Okie boy!
 

darko999

Level 17
Verified
Chrome is easier to infect by adware, because is the most popular browser. People will tell you they have issues with fake adobe flash player, more on Chrome than other browser because of the reason above. I use Pale Moon and a regular adfilter and I have seen just one fake adobe page in like 6 months.
 
  • Like
Reactions: frogboy and donetao

donetao

New Member
I use Firefox and I have never seen a fake Adobe up date. I'm talking about the seniors in my village where I help them their PC's.
That's where I hear about these things and it's only on seniors PC's that are using Chrome. Therefore I'm uninstalling Chrome on their Computers.
I give them the choice to reinstall. They say they don't want it back. Fool me once, shame on you. Fool me twice, shame on me!!:):):)
PS One fake Adobe up date is to many IMHO!;)
 

darko999

Level 17
Verified
I use Firefox and I have never seen a fake Adobe up date. I'm talking about the seniors in my village where I help them their PC's.
That's where I hear about these things and it's only on seniors PC's that are using Chrome. Therefore I'm uninstalling Chrome on their Computers.
I give them the choice to reinstall. They say they don't want it back. Fool me once, shame on you. Fool me twice, shame on me!!:):):)
PS One fake Adobe up date is to many IMHO!;)
Nah, It's fine, since I have disabled all Adobe Flash update services on my windows, and it is set to do not download and install updates in the adobe settings, there is no need for me to spend time in any advertising that my little adfilter couldn't block. Also you had to click the pop'up and a file was downloaded, but not executed. The file was recognized as PuP by ESET anyways.
 
  • Like
Reactions: donetao