Skip to main content
Participant
October 18, 2017
Question

Flashplayer update is malware?

  • October 18, 2017
  • 2 replies
  • 2437 views

Hi All - I received a pop-up window saying that my Flash Player may be / is out of date.  I proceeded to download and install the update, but noticed that source of the update was eicharesponsecenters.net.  I've done a search on eicharesponsecenters.net and do not get any results.  When I try and access eicharesponsecenters.net, I get "can't reach this page".  Thinking I may have downloaded malware, I did a Windows Defender scan, but no threats were found.  Has anyone had a similar situation - or know anything about eicharesponsecenters.net?  Note:  I'm using Microsoft Edge browser on a Dell laptop.  Thank you.

    This topic has been closed for replies.

    2 replies

    jeromiec83223024
    Inspiring
    October 18, 2017

    Also, we contract with a service that pursues these kinds of attempts and takes the necessary actions.

    We're always happy to file those reports on your behalf; however, what we really need in these situations is the full URL of the link, and a screenshot.  Most likely, they've done something clever where the link included a token, and they only serve the malware when you've come from an expected location.  This helps them stay under the radar, and makes it's hard to prove to an ISP that they should take the site down, without direct evidence to back it up.

    jeromiec83223024
    Inspiring
    October 18, 2017

    If you did not execute the file after downloading it, you're probably fine.  It sounds like you did all the right things here.  You can just delete it, or consider uploading it to virustotal.com.  It will run it against the major antivirus engines.  If it's not a known signature but looks suspicious, it will queue it up for identification, and the details required to detect and block it will get pushed back out to the participating antivirus products.

    As an industry, we've raised the bar significantly over the last few years against attackers' ability to get malicious software running on the system without your authorization.  The path of least resistance is now the human factor.  It's orders of magnitude easier to try and trick you into running an application and granting it permission than it is to do it silently, and without your involvement.

    Because Flash Player is used on ~2.5 billion devices, if you're going to impersonate something, Flash Player is a good target.  Flash Player is a built-in component of Internet Explorer and Edge on Windows 8 and higher, and a built-in component of Chrome on all operating systems.  If you're using either browser, and you have automatic updates enabled for Windows and Chrome respectively, you can just assume that any update dialogs are completely bogus.

    In fact, the smart move is to never click through on links to updates in email or on websites.  If you think you need a product, open a new tab, google it, make sure you find the author's website, and download it directly from the source, or use your operating system's App Store, if the software is available there.

    In the case of Flash Player, you should only download flash player directly from Adobe.

    Here's the link:

    https://get.adobe.com/flashplayer/