Malware Proliferates Through Fake Adobe Flash Update
The IT security company 'Barracuda Networks' has cautioned Web-surfers to remain vigilant against bogus updates for Adobe Flash. The warning has come after the discovery of compromised websites offering Adobe Flash update to unwitting users. These compromised websites have a legitimate-looking page.
Barracuda states that the page appears authentic, but if the update is downloaded, the user merely gets an extremely nasty malware, which McAfee detected as Downloader-CEW.f, as reported by BarracudaLabs on July 7, 2010.
The process begins with the search for top or breaking news for instance - LeBorn James performance. As soon as one clicks on the highlighted results, he is diverted to the bogus update site.
Security researchers state that after hackers have determined the trending news subjects, they fast establish a fake Internet site and manipulate it to climb high on the list of trendy news without delay.
Here it is worth noting that the place of registration of the original domain is the Cocos Islands. Moreover, the update is Adobe Flash Player 11, whereas the Flash's latest edition is 10.1.
One more indication that the pages are bogus is that when users encounter the pop-up window that lead to malware, they are merely permitted to hit on "continue" while the rest of the clicks are insignificant. Merely "Continue" presents a path ahead to the user such as a Windows Security Warning pop-up box.
In case the end-user executes the file, a clicker on the background gets downloaded, which utilizes the online connectivity to produce bogus traffic. While this activity remains invisible, more spyware programs and scamware gets downloaded, states Barracuda.
According to the researchers, cyber criminals' dissemination of malicious programs by abusing current news is now far greater than earlier. Trend Labs recently reported that when Mel Gibson video-related searches were performed, false malware infection alerts appeared. Similarly, other searches displayed the bogus installer window for Adobe Flash Player, as reported by SearchSecurity on July 16, 2010.
To avoid the hazard of getting compromised, Barracuda Networks advises that users should only access the authorized source for acquiring the Adobe Flash updates.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 22-07-2010