Web Scammers Exploit Adobe’s Flash and Google’s Chrome: Kaspersky

According to investigators from Kaspersky the security company, developers of malicious software are abusing Flash Player of Adobe and Chrome browser of Google for planting their wares onto Internet users' computers.

Actually, the investigators found Google's Chrome as hosting phony Flash software, while the software remained throughout a scam that tried to manipulate Facebook accounts particularly the social networking website's "Like" feature.

Evidently, to unleash the phony Flash Player, Facebook software known as "Aprenda" was used as the launch platform. But, when Aprenda was loaded, end-users got diverted onto the Chrome Store that prompted for loading the phony Flash app.

Explaining in detail the above-mentioned assault, Researcher Fabio Assolini of Kaspersky Lab stated that it drew their attention, as along with instructing end-users for loading the fake Flash Player, the attack also used the Chrome Web-Store of Google for hosting the fake Flash. When end-users hit the 'install software' link, it diverted them onto the Store. Explicitly, the fake Flash file read "Adobe Flash Player," Assolini added. Securelist.com published this in news on March 23, 2012.

Moreover, the malicious Flash was detected as Trojan.JS.Agent.bxo, Assolini wrote on behalf of Kaspersky.

Approximately 900 people, according to the researcher, did the mistake of loading the phony Flash file, which subsequently managed to control their Facebook profiles. Consequently, Assolini advises Internet users for exercising great caution while browsing Facebook as also to reconsider prior to loading any Google Chrome application.

The Internet giant, meanwhile, fast got rid of the phony app; however, Assolini observed that the perpetrators of the scam were uploading fresh files routinely, while security researchers kept chasing them out. Cso.com.au published this in news on March 26, 2012.

Moreover, Security Company Kaspersky says that the mentioned assaults, intermittently emerging since some weeks now, reflect variations, while hitherto, they're occurring solely in Brazil as well as other Portuguese-speaking countries.

Eventually, the malicious application's working quite resembled the other scams on Facebook, like inviting buddies for loading it, although the account compromising was mainly associated with churning fake "Likes" that got traded for USD27 for every 1,000 'likes' perceived hitherto, Assolini concluded.

Related article: Web Browsers Too Have Security Exploits

» SPAMfighter News - 4/2/2012