The company said in a bulletin posting that malware writers have been using fake news video pages that purport to offer video clips.
Adobe said that the malware is being propagated through social networking sites by way of spam comments advertising fake news stories.
On following the link, the user is taken to a page that attempts to copy either Reuters or CNN video sites. The user is then presented with a pop-up window informing them that their currently-installed copy of Flash cannot play the video.
The user is then asked to download an executable file labelled 'get_flash_update', according to security firm Sunbelt Software.
Adobe is advising users to only download the player from their site. The company also notes the authenticity of the Flash installer can be tested by looking for a digital certificate on launching the installer or checking the properties window on the executable file.
The attack is the latest spin on the popular 'fake codec' social engineering tactic.
Malware writers will often attempt to lure in new victims with the promise of video files. When the user attempts to view the supposed movie, a message pops up asking the user to download a trojan disguised as a video codec.
Adobe warns of fake Flash peddlers
By
Shaun Nichols
on
Aug 7, 2008 7:39AM
Adobe is warning that its Flash video player is being used to push malware..
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see