Beware of fake Adobe Flash Player update scareware

Updates are normal elements of any app’s lifecycle. Technologies are evolving, and software makers are bound to keep up with the progress. Plus, new versions being rolled out ensure that recently discovered vulnerabilities are patched and the users are protected against the latest attack vectors. However, malicious actors have managed to turn the whole benign perception of this process against regular users. In a massive malvertising wave, cybercrooks have been distributing rogue system utilities under the guise of an Adobe Flash Player update.

The issue is making itself felt the most in the macOS ecosystem. Numerous users find their web surfing persistently interrupted by popup ads that say “Adobe Flash Player is out of date” or similar. These irritating alerts appear on dodgy websites that claim to provide some sort of multimedia content but allegedly cannot render the streaming materials due to an old version of the software in question. If the user is hoodwinked into applying the update, though, they unwittingly install a potentially unwanted program, such as Advanced Mac Cleaner or Mac Cleanup Pro. The whole gist of these applications is to report fake threats and system issues in order to fool the victim into purchasing their license.

Figure: Fake Adobe Flash Player update pop-up in Safari browser on a Mac computer

Mac users mostly end up on these deceptive pages because of browser redirects that may be triggered by a virus sitting inside the visitors’ systems. There are also scenarios where a misleading advertisement, when clicked, forwards one’s traffic to the fishy landing page, but these aren’t as common as malware-related predicaments. The Adobe Flash Player update virus is, technically, a malicious browser plugin that penetrates into Macs as part of complex software installations. By being bundled with legit freeware, the infection is likely to slide unnoticed into a computer.

Once the offending plugin is on board, it reconfigures the way the victim’s default browser works so that a random click or an attempt to open a new tab will invoke a redirect leading to the fake Flash Player update page. Obviously, following the rogue recommendations on the popup is a bad idea. One more thing to keep in mind is that the issue will persist until the adverse code is obliterated from a target Mac. Overall, similar hoaxes targeting Macs are on the rise, so a bit of extra vigilance when online won’t hurt.

Adobe Flash Player update virus, a growing issue on the Mac threat map

Social engineering is at the forefront of Mac malware distribution, probably because it’s easier to manipulate humans than to circumvent the operating system’s decent defenses. Out of all such campaigns currently underway, the Adobe Flash Player update scam is one of the heftiest. Its operators are cashing in on Mac users’ understandable desire to keep their software up to date. The most conspicuous symptom boils down to iterative browser redirects leading to websites that claim the visitor uses an old version of Flash Player. The idea is to dupe the user into downloading the “latest” build of the app so that certain media content is supported and can be displayed.

The catch is clear, but what about the cause of this issue? In most cases, the troublemaker is an offensive browser add-on that sneaks into a system and gives the whole browser set-up a twisted overhaul. In particular, the culprit may replace such preferences as the default homepage, search provider, and new tab page with a specific malicious URL. It can also tamper with DNS server settings without the user’s permission. As a result, the victim will be recurrently forwarded to a sketchy website hosting scripts that trigger deceptive popups about Adobe Flash Player being out of date.
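The settings check implied by the paragraph above, as an added example that is not part of the original article: it compares a snapshot of the homepage, search provider, new tab page and DNS servers against a known-good baseline. The snapshot field names are hypothetical and all sample values are constructed.

```python
# Added example: field names are hypothetical, sample values are constructed.
import ipaddress
from urllib.parse import urlsplit

URL_FIELDS = ("homepage", "search_provider", "new_tab_page")  # hypothetical


def host_of(url):
    """Lower-cased hostname of a URL, or '' when it has none (e.g. empty)."""
    return (urlsplit(url).hostname or "").lower()


def parse_dns_servers(text):
    """Collect IP addresses from one-address-per-line text, such as the output
    of `networksetup -getdnsservers <service>`; other lines are skipped."""
    servers = []
    for line in text.splitlines():
        try:
            servers.append(ipaddress.ip_address(line.strip()))
        except ValueError:
            continue  # not an address, e.g. a "no servers set" message
    return servers


def audit(baseline, current, dns_text, approved_dns):
    """Return (setting, baseline_value, current_value) for each deviation."""
    findings = []
    for field in URL_FIELDS:
        old, new = baseline.get(field, ""), current.get(field, "")
        if host_of(old) != host_of(new):  # same site, new path: not flagged
            findings.append((field, old, new))
    approved = {ipaddress.ip_address(a) for a in approved_dns}
    for server in parse_dns_servers(dns_text):
        if server not in approved:
            findings.append(("dns_server", None, str(server)))
    return findings


# Constructed snapshots: known-good baseline vs. state after the hijack.
BASELINE = {"homepage": "https://start.example/",
            "search_provider": "https://search.example/?q=",
            "new_tab_page": ""}
CURRENT = {"homepage": "http://flash-update.example/player",
           "search_provider": "https://search.example/?q=",
           "new_tab_page": "http://flash-update.example/tab"}
DNS_TEXT = "192.0.2.53\n203.0.113.9\n"  # one approved, one unknown resolver

if __name__ == "__main__":
    print(*audit(BASELINE, CURRENT, DNS_TEXT, ["192.0.2.53"]), sep="\n")
```

An empty result means the snapshot matches the baseline; a DNS server that was not explicitly approved is reported with no baseline value.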

In case the user falls for the fraud and installs the pseudo update, they will instead get a faux system optimizer like Mac Auto Fixer, Mac Keeper, or Advanced Mac Cleaner. The unwanted app will instantly unleash its brainwashing power by displaying bogus system scans that generate fake results. Ultimately, the scareware will try to persuade the victim to buy its license in exchange for the imaginary system repair.

The mechanism of the original contamination is quite prosaic. The Flash Player Update virus typically tiptoes into a Mac along with a piece of harmless freeware. The payload delivery process is surreptitious, though, because the user is clueless about the bundle and keeps thinking the only app they are installing is the benign one mentioned in the setup client. This is a mainstream method of serving adware and quite a few other types of viruses onto computers. Therefore, it certainly makes sense to select the custom install option when getting new software and thus make sure there is nothing potentially toxic under the same umbrella.

If the attack has already occurred, there is some cleaning work to do. The wrongdoing browser extension is subject to removal, and so are additional fragments of the infection sprinkled across the system.
