Highlighted

Adobe's 'Partner' 2144 in China has suspicious malware actions in Flash Player distribution

New Here ,
Jun 25, 2018

Copy link to clipboard

Copied

1. Background

In Feb 2018, Adobe now distribute Adobe Flash Player in China with Partner 2144 (https://wwwimages2.adobe.com/content/dam/acom/cn/about-adobe/newsroom/pdfs/【媒体快讯】Adobe与2144合作在中国大陆发行... ). But it seems that 2144 has some suspicious malware actions in Flash Player distribution. Previous discussion can be found in adobe forum, like:

https://forums.adobe.com/message/10449812#10449812

https://forums.adobe.com/docs/DOC-9203

Now, it contains a new  suspicious malware action: prompt advertisements using disguise mataintance service.

2. Problem detail: disguise mataintance service

When installing Adobe Flash Player 30 in 2144 distribution, it install a service named "Flash Helper Service". Description of  "Flash Helper Service" says "Flash Player update assistant service…send anonymous usage to 2144…".

无标11111题.png

But In fact, this disguise mataintance service also  prompt advertisements that user does not needed. This can be harmed to enterprise user.

无标题.0000000.png

Another user reported, if user disable this service, Flash player can not run:

http://bbs.ngacn.cc/read.php?tid=14168850&rand=384

In weibo, some users complain about  2144 distribution. A post pointed out that "Flash v30.0.0.113 seems lock region": http://weibo.com/5664614383/GkthLBSxp?refer_flag=1001030103_

222.png

3. Affected

All users in China using Adobe Flash Player by 2144 distribution

4. Suggestion

4.1 For customer

If needed, remove flash player and wait for Adobe reaction.

This action should be taken in enterprise in which need high security level.

4.2 For Adobe

It has been harmed to Adobe reputation. Adobe should revoke 2144 parentship.

Adobe should distribute Adobe Flash Player by own server, and provide clean offline Adobe Flash Player installation.

Views

12.3K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Adobe's 'Partner' 2144 in China has suspicious malware actions in Flash Player distribution

New Here ,
Jun 25, 2018

Copy link to clipboard

Copied

1. Background

In Feb 2018, Adobe now distribute Adobe Flash Player in China with Partner 2144 (https://wwwimages2.adobe.com/content/dam/acom/cn/about-adobe/newsroom/pdfs/【媒体快讯】Adobe与2144合作在中国大陆发行... ). But it seems that 2144 has some suspicious malware actions in Flash Player distribution. Previous discussion can be found in adobe forum, like:

https://forums.adobe.com/message/10449812#10449812

https://forums.adobe.com/docs/DOC-9203

Now, it contains a new  suspicious malware action: prompt advertisements using disguise mataintance service.

2. Problem detail: disguise mataintance service

When installing Adobe Flash Player 30 in 2144 distribution, it install a service named "Flash Helper Service". Description of  "Flash Helper Service" says "Flash Player update assistant service…send anonymous usage to 2144…".

无标11111题.png

But In fact, this disguise mataintance service also  prompt advertisements that user does not needed. This can be harmed to enterprise user.

无标题.0000000.png

Another user reported, if user disable this service, Flash player can not run:

http://bbs.ngacn.cc/read.php?tid=14168850&rand=384

In weibo, some users complain about  2144 distribution. A post pointed out that "Flash v30.0.0.113 seems lock region": http://weibo.com/5664614383/GkthLBSxp?refer_flag=1001030103_

222.png

3. Affected

All users in China using Adobe Flash Player by 2144 distribution

4. Suggestion

4.1 For customer

If needed, remove flash player and wait for Adobe reaction.

This action should be taken in enterprise in which need high security level.

4.2 For Adobe

It has been harmed to Adobe reputation. Adobe should revoke 2144 parentship.

Adobe should distribute Adobe Flash Player by own server, and provide clean offline Adobe Flash Player installation.

Views

12.3K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Adobe Employee ,
Jun 26, 2018

Copy link to clipboard

Copied

Thanks for your feedback.  

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
New Here ,
Jul 21, 2018

Copy link to clipboard

Copied

This version is dangerous to Chinese users due to China's censorship. It's a very bad move and will only bring Flash to death on a faster speed.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
New Here ,
Sep 21, 2018

Copy link to clipboard

Copied

your commpany should revoke 2144 parentship immediately!!!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
New Here ,
Sep 22, 2018

Copy link to clipboard

Copied

It's ridiculous for Adobe to cooperate with such a malware company.

It's more absurd that there is not even an apology.

I will do my best to prevent my friend and family from using flash player anymore.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Advisor ,
Sep 23, 2018

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
New Here ,
Sep 23, 2018

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Community Beginner ,
Apr 02, 2019

Copy link to clipboard

Copied

This trojan installation is still happening, and just infected my PC.

Adobe have no business installing malware alongside flash.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
New Here ,
Oct 11, 2018

Copy link to clipboard

Copied

I am traveling in China and my computer must have done an auto-update on flash and now I have this Chinese alnguage Malware I can't even read on my computer I have no idea how to get rid of.  Stunning! 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
cbooker LATEST
New Here ,
Jan 15, 2020

Copy link to clipboard

Copied

I just moved to China and my PC came up with a Flash player update (from official adobe.cn website). Now I get this same thing: ads or something coming up via Flash Player Service:

screenshot.jpg

 

 

Time to uninstall...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...