Fake Flash Player Update Delivers Scareware to Mac OS X Users

Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Content source
http://news.softpedia.com/news/fake-flash-player-update-delivers-scareware-to-mac-os-x-users-500002.shtml
There's a fake Flash Player update scam doing the rounds on the Internet, tricking users into installing a legitimate update, but also bundling the Adobe Flash Player package with scareware.

The researchers from the SANS Technology Institute discovered this new campaign, and they explain that the fake Flash Player update is presumably being served via malicious advertising.

At first, users are pestered with a popup that alerts them to update their current Flash version.

"They do not rely on a vulnerability in the operating system," said Johannes Ullrich, the SANS researcher that discovered this campaign. "Instead, the user is asked to willingly install them, by making them look like genuine Adobe Flash warnings (and we keep telling users to make sure Flash is up to date, so they are likely going to obey the warning and install the update)."

Clicking the OK button on this popup takes users to another page, where they download a fake Flash Player update package.

The fake Flash update package is signed with a valid Apple certificate
Surprisingly, this file doesn't trigger any warnings from Mac's GateKeeper because it was signed by an official Apple developer certificate issued to someone named Maksim Noskov. This means that Apple will allow you to run this malicious package without raising one single alarm flag.

Mr. Ullrich said that while the malicious Flash update package actually contained a valid, authentic and legitimate Adobe Flash update file, it also came bundled with malware.

The malware he discovered is part of the scareware category, which shows popups with apocalyptic messages, telling users their computer is infected and that they need to call a phone number to have it analyzed by a professional.

These are classic tech support scams, in which Malwarebytes has seen an increase over the past year. Until recent times, scareware has been prevalent and usually targeted Windows users alone.
Click to expand...
 
  • Like
Reactions: harlan4096, Ink, Venustus and 1 other person
You must log in or register to reply here.

Similar threads

silversurfer
    • +Reputation
    • Like
Malware News New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
Replies
0
Views
1,071
Security News
silversurfer
silversurfer
vtqhtr413
    • Like
    • Wow
    • +Reputation
New ransomware fakes Windows Update to trick home users
Replies
5
Views
1,639
News Archive
upnorth
upnorth
Ink
    • Like
    • +Reputation
    • Applause
Fake Bitcoin app reached top of iOS App Store (Update: Removed by Apple)
Replies
0
Views
901
News Archive
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top