Fake Flash Player extensions foists spam

By

Serves racy ads.

Security researchers are warning of a fake Adobe Flash Player update extension whose goal is to serve spam ads to victims.

Fake Flash Player extensions foists spam

The malicious plug-in, dubbed FlashPlayer11.safariextz, is being distributed from mostly adult websites, according to Jerome Segura of security firm Malwarebytes.

Unsuspecting users were told they need to install the Flash update to view a video in a fashion typical of many malicious extension scams.

The threat was "widespread," according to a spokeswoman for the company monitoring the outbreak.

Once the bogus software was installed, it displayed racy ads.

"For example, I visited PBSKids.org, a site for children to play games and watch their favourite characters, when all of a sudden a pornographic advertisement was displayed," Segura said in a blog.

It's not just lewd ads being served, either. The malware – which does not affect Internet Explorer, but was spotted in Chrome, Safari and Firefox – also is capable of superimposing spam ads over legitimate ones.

"Online advertising is a billion-dollar industry, and everybody wants to have a piece of it," Segura said.

"With such invasive adverts, cyber crooks are likely to generate a lot of views and even pay-per-clicks. If you believe you are seeing strange or inappropriate ads on the websites you regularly visit, it wouldn't hurt checking the extensions installed in your browser and removing the offending ones."

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
adobechromefirefoxflashinternet explorermalvertisingmalwaresafarisecurityspam

Sponsored Whitepapers

Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks
Sportsbet recruits 'security champions' in shift-left strategy

Sportsbet recruits 'security champions' in shift-left strategy
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?