Friday, June 21, 2013

Watch out for Adobe flash player spoof; info-stealing android trojan, and bitcoin mining

Webroot is reporting today that ads that play sounds or music may be coming from malware that can be planted by a spoof of an Adobe Flash Player update.

We all know that Adobe has taken up the corporate bad habit of overloading its products with unnecessary features which leave holes for malware.
   
But this seems to be a spoof, not at all from Adobe.  The Webroot threat blog explains how it works here.  It seems designed by its writer to generate invalid ad revenue.
  
But a few weeks ago, sometimes unwanted music would play from certain ads on the Weather Channel and a few other sites.  This would happen only in Windows 8 but sound suspiciously like a possible Trojan, difficult to catch.  But I don’t recall seeing an Adobe spoof that behaved as described in this blog post.

 Scans come up clean.

Webroot or other modern firewalls should stop this prompt.
   
The blog post describes how to remove this Trojan by deleting items from the registry.
  

There is a similar sounding cell phone Trojan called Android.RoidSec” which can steal loads of information, and Webroot is also reporting malware distributed by bitcoin mining.  

No comments: