Locked

Flashplayer Trojan

New Here ,
Apr 08, 2018 Apr 08, 2018

Copy link to clipboard

Copied

Would be nice if Adobe would fix this. Tried of getting this Trojan  js/flafisi.d. Also never used flash before. But trash junk win10 forces you to use it and you can't delete it.

Views

871

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Apr 09, 2018 Apr 09, 2018

Copy link to clipboard

Copied

I'm not familiar with this trojan/virus.  Did a little searching and it appears to come from a fake Flash Player notification.  I'm not sure how you expect Adobe to fix an issue created by a malicious actor.  Adobe does follow-up on reported threats.  You're more than welcome to report the virus/trojan to phishing@adobe.com or abuse@adobe.com.  This'll get the information to the appropriate team for follow-up.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Apr 09, 2018 Apr 09, 2018

Copy link to clipboard

Copied

LATEST

Unfortunately, you keep getting tricked into download and installing a fake Flash Player.

Technical solutions to preventing unauthorized software installations became prevalent over the last few years, so human factors are now the easier target for attackers.  Tricking someone into authorizing an installation is the path of least resistance.

Since Flash Player is ubiquitous, it's the go-to choice for a product to impersonate.

There are a few ways to avoid this situation:

  1. Never click through on a link from an email or website to a software update.  Just don't. 

    If you think you need to download an update for something, google for it, find the software developer, and download the product directly from them.  For bonus points, make sure the download link uses https and not regular http.

  2. When possible, download software from your operating system's App Store

    This doesn't work for Flash Player, but as a general rule, applications from your operating systems App Store have some level of vetting, and get updated automatically

  3. Enable Automatic Updates

    For Flash Player, you can choose Allow Adobe to Install Updates (recommended) at install time, or you can change that preference any time by going to Settings / Control Panel > Flash Player > Updates, and selecting the option there.  You can also use the Check Now and Install Now buttons to determine if you need an update, and to apply that update manually.

    Once you have automatic updates installed, you can confidently assume that any update notifications are bogus.

  4. Use Google Chrome or Internet Explorer and Edge on Windows 8 and higher

    Chrome (on any operating system they support) and IE and Edge on Win8+ both include a built-in Flash Player that they keep updated automatically.  Chrome does this via their own built-in update mechanism, and Microsoft pushes Flash Player updates via Windows Update. 

    In either browser, you can simply ignore notifications to update, as there's nothing to update or install.

  5. Keep your router updated

    If you haven't installed a firmware update on your wireless router recently (or ever), you might want to update it with any available firmware updates.  I'd recommend doing this from a trusted machine that hasn't had malware installed on it.  There was a well-publicized vulnerability in many commodity routers that allowed a trojan to inject malicious code into the working memory of the router.  When abused in practice, the vulnerability was frequently used by attackers to inject fake Flash Player update notifications into legitimate webpages.

Anyway, sorry that you're going through this.  As Maria pointed out above, if you continue to encounter notification dialogs, please take a screenshot and copy the entire URL from the address bar, and shoot an email to one of the addresses listed above.  We have a team dedicated to responding to those kinds of incidents that will be happy to pursue it.

Thanks!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines