- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Hackers are trying to dupe people into downloading malicious software labeled as Adobe Systems' Flash Player, prompting a warning from the company.
Adobe is advising users to ignore links on social-networking sites that lead to other Web sites purportedly hosting Flash Player, as those sites often have malicious software.
"If the download is from an unfamiliar URL or an IP address, you should be suspicious," Adobe's advisory said.
Labeling malware as legitimate software is an old social-engineering tactic. But given the wide use of Flash on Web sites, most people have installed Flash Player to display the content.
Adobe has also updated Flash Player several times this year due to other security issues, so it may not come as a surprise to see an upgrade message, albeit a fake one. The current version is 9.0.124.0.
Adobe said the Flash Player available on its Web site is digitally signed and validated by the Windows OS during an installation. Users can also verify that the Flash Player installer is legitimate by right-clicking on it, selecting "properties" and going to the "digital signatures" tab. It should say that the publisher is "Adobe Systems, Incorporated."
Security vendor Kaspersky Lab wrote on Monday that the micro-blogging site Twitter was being used for attacks employing the Flash Player ruse.
A Portuguese-language profile was created that included a link to a video that, if clicked, starts downloading what is supposed to be Flash Player. Instead, 10 varieties of malware that steal banking-related information are dumped on a PC.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment