Copy link to clipboard
Copied
Safari browser just demanded an Adobe Flash update which downloaded an installer with Skyscanner and IdeaShared apps? Screenshot of info for installer. From the url it would appear this is bogus. Please would Adobe advise?
Yes that’s a scam. You have malware. Personally I’d advise erasing the machine and reinstalling clean, restoring your files from a backup made before the infection. I don’t speak for Adobe.
Copy link to clipboard
Copied
Yes that’s a scam. You have malware. Personally I’d advise erasing the machine and reinstalling clean, restoring your files from a backup made before the infection. I don’t speak for Adobe.
Copy link to clipboard
Copied
If you've encountered a site offering fake Flash Player downloads, please send a screenshot and a fully copy of the URL(s) involved to phishing@adobe.com.
Our phishing team will follow up with appropriate actions on the website side of things. In general, it's better to avoid posting malicious links to the forums. We don't want anyone accidentally clicking them, and the more sophisticated delivery mechanisms engineer the URLs for one-time use (it's hard to serve a takedown notice if you can't show someone that the URL is delivering malware).
The US Federal Trade Commission has some good advice on avoiding malware in general:
https://www.consumer.ftc.gov/articles/0011-malware
https://support.microsoft.com/en-us/kb/129972
Here's the advice that I typically share to people that were either tricked into installing malware, or are seeing fake update notifications, but haven't been lured into actually running those installers:
Unfortunately, because Flash Player is installed on billions of computers, it's a common target for impersonation for people distributing malware.
As an industry, we've done a pretty good job of defending against technical attacks that allow bad guys to install software without your authorization. In 2018, it's really difficult to do (assuming you're running a modern operating system and not something from 2005, in which case, you should get on that).
The result is that human factors are now the path of least resistance. It's easier to trick you into installing something on behalf of the attacker, vs. figuring out how to defeat all of the security stuff required to do it without your express permission.
In general, you're better off setting everything to update automatically. You can then go through life assuming that any update notifications you get are bogus. This is actually what we strongly recommend, and it generally applies to anything tasked with handing untrusted communication (the operating system, your web browser, flash player, etc.). The inconvenience of something functional breaking because of an update pales in comparison to the pain of recovering from identity theft.
Here are a few guidelines that will minimize your risk of getting tricked into installing malware:
For Flash Player specifically:
Microsoft Edge and Internet Explorer on Windows 8 and higher also include Flash Player as a built-in component of their browser, and updates are handled automatically through Windows Update. Again, as long as Windows Update is enabled, there's nothing to download or configure.
If you've actually installed malware on your machine (which in this instance, it sounds like you have):
There is a large universe of unknown unknowns, but the important thing to know is that malware authors at this point are professionals. They test against popular antivirus and cleanup tools. Good malware is going to first establish a foothold, but the second order of business would be to ensure resilience.
If you've run cleanup tools and have removed the obvious visible signs of the malware infection, that may be adequate, but you're putting a lot of faith into the efficacy of those tools. In most situations, it's difficult to determine whether or not you've eradicated everything that was installed, and you should weigh those risks carefully. Without significants expertise, and/or an exhaustive and expensive forensic analysis, there are no guarantees.
If it were me, I'd probably back up all of the critical data on the machine and then burn the whole thing down and start from scratch (i.e. format the hard disk, reinstall the operating system and applications from pristine sources, install a reputable antivirus utility, scan my backups and then restore them.
I'd then go buy a password manager like LastPass/OnePass/KeyPass/etc. and set about ensuring that I have unique, strong passwords for each of the important online services that I use (including any email services that could be used to reset those passwords), and set up two-factor authentication wherever it's offered.