Yeah, this sounds like you were tricked into downloading malware. Unfortunately, because Flash Player is so widely used, it's a common target for impersonation. Malicious sites and/or inserted ads can generate "update Flash Player" messages that link off to malware distribution sites. Since we're talking about computers, it's pretty easy to make pixel-perfect impersonations. While there are cryptographic ways to determine software authenticity, it's beyond the scope of what most people are interested in doing.
In general, you're wise to assume that update messages and links to downloads are malicious, and you should always treat them with suspicion. Instead of clicking through on in-browser messages or pop-ups, download the update through your operating system's app store, or use a trusted search engine to navigate to the appropriate download on your own.
In the case of Flash Player, you can always download the latest version directly from Adobe, here:
https://get.adobe.com/flashplayer/
Wherever possible, set your software to automatically update (*especially software that deals with untrusted content, like your OS, Browser and Flash Player), so that you're getting the latest protections as they become available, and you're less inclined to believe any unexpected update notifications.
Unfortunately, you now have a mess on your hands. You've installed software from an untrusted third party, and short of a forensic investigation (which is time-consuming and prohibitively expensive), there's no telling what it did to your machine.
If it's a work computer, I'd just take it to your IT person and explain the situation.
If it's your personal machine, your options really range on your personal risk tolerance. If it's a machine that you use for sensitive stuff (banking, healthcare, etc.), then you should really think about backing up any important data, and doing a complete wipe and reinstall from scratch. You'll want to follow that up by changing your passwords, especially on important services like healthcare and banking, and on things like email, which might get used to reset those passwords by a bad actor.
This is also a really good time to think about adopting a password manager and moving to unique usernames and passwords across the various sites you use, and where possible, adopting two-factor authentication. Unique passwords helps limit the damage in the event that a provider that you use has had a breach that exposed your password. Think of it as limiting the blast radius. Most major sites (google, etc) and banks offer a variety of painless muliti-factor authentication options. This prevents untrusted machines from gaining access to your accounts, even if they *do* have your password. They need your password *and* your phone, which makes things substantially harder.
You can try cleaner tools and antivirus products, but the reality is that the bad guys are smart, and they test against common mitigations. You're putting a lot of faith in a tool to get things perfectly right 100% of the time, against an entire universe of malware, which grows at a huge rate with constantly-evolving variants. Since a common strategy is to establish a foothold inside a network and move laterally (and in 2017, move laterally can mean compromising a thermostat or network camera behind your firewall), keeping an untrustworthy machine on the network is just generally a bad move. We're long past the days of kids in basements, and well into the era of industrial scale, state and organized crime-sponsored hacking, much of which is completely automated. Malware frequently also has automatic updaters, and once established, can pull in additional software to ensure resilience in the face of commodity anti-malware/virus-removal tools...
Anyway, sorry that you experienced this, but this wasn't an installer that came from us. We have an extensive set of controls in place to ensure that content going out the door is authentic, but we can't control what happens on other peoples' websites.
We *do* enlist the services of specialists that investigate and issue takedown notices for people abusing our brand, and given a screenshot and a link to the offending download, we're more than happy to get our fraud team on the case.
2
Replies
AdChoices