{"id":11195,"date":"2016-06-05T11:31:40","date_gmt":"2016-06-05T15:31:40","guid":{"rendered":"http:\/\/www.thundercloud.net\/infoave\/new\/?p=11195"},"modified":"2016-06-05T11:31:40","modified_gmt":"2016-06-05T15:31:40","slug":"beware-this-real-looking-flash-player-update-is-malware","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/beware-this-real-looking-flash-player-update-is-malware\/","title":{"rendered":"Beware – This Real Looking Flash Player Update Is Malware"},"content":{"rendered":"

Beware – This Real Looking Flash Player Update Is\u00a0MALWARE<\/strong><\/h1>\n

This malware\/rogue has been around for a couple of years now. It faded away and is now back in full vigor.<\/p>\n

If you see this, then you could be in big trouble:<\/p>\n

\"Cloudeight<\/span><\/span><\/span><\/p>\n

It looks real but it is not. I was reading an article on Reuters and suddenly this appeared out of nowhere. I am 100% sure my computer is not compromised – because I am careful and I check it every day and know every process running – and if I get lax, I have Emsisoft<\/a> watching my back.<\/p>\n

This real-looking flash player upgrade notice appeared while I was on a respected site and a file called “installation.exe” started downloading immediately – as soon as the fake flash player dialog showed up on my screen.\u00a0 Had I clicked on the installation file which started downloading immediately and if I hadn’t been protected by common sense (and if I’d have been daydreaming Emsisoft had my back) I’d have been infected with a Trojan or malware. And the trouble is most antivirus programs are absolutely useless when it comes to preventing this sort of malware.<\/p>\n

We have consistently told all of our readers to be wary, to not click things just because something says click to install. Always be sure of the site you are on, the URL of the ad being shown, and be very careful to read the dialog, you may find clues that tip you off that something in not right. And there are a couple of giveaways here. First if you look closely, it says “Pro”. Then it says I’m “required” to update my “Flash Player”. Adobe would recommend I update but would never say I’m required to update. Finally, the url showing in the browser’s address bar is from a scam site called simplecomputerupgrade\/.\/info (I’ve added slashes to prevent you from clicking on it and possibly getting infected), and when I tried to visit that site, it did not exist, meaning it’s a forged URL. This link may change at anytime – become active at anytime – with crooks & miscreants, you can’t count on anything. Anyway, this malware outfit and its download package are most certainly not affiliated with Adobe or Flash Player and you must be always be wary.<\/p>\n

If you use Google Chrome NEVER click on any Flash update – you don’t need it. Flash is built in to Chrome and it’s update automatically when Chrome updates.<\/p>\n

If you’re using Firefox, Internet Explorer, or something else, we don’t want to incite paranoia — we want to incite due diligence. Be wary when something appears on your screen out of nowhere, and for apparently \u00a0for no reason. There’s a better than even chance that’s it’s up to no good. Some fakes are poorly done and written in English even worse than mine – I tells ya!\u00a0 But some fakes, like this Flash Player fake, are done professionally – a lot of time was spent making this look like the real deal. It’s really hard to tell them from the real deal.<\/p>\n

The malware and Trojans that are installed by this kind of malware package could harm your computer, steal your passwords, and even cause you monetary loss.<\/p>\n

Now you’ve seen what this ruse looks like, we hope it will help you recognize it when you see it and keep you safe.<\/p>\n","protected":false},"excerpt":{"rendered":"

Beware – This Real Looking Flash Player Update Is\u00a0MALWARE This malware\/rogue has been around for a couple of years now. It faded away and is now back in full vigor. If you see this, then you could be in big trouble: It looks real but it is not. I was reading an article on Reuters and suddenly this\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1655,1462,1433,1669,1670,1656,1654,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11195"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=11195"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11195\/revisions"}],"predecessor-version":[{"id":11196,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/11195\/revisions\/11196"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=11195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=11195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=11195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}