
SANS ISC: Hackers exploit Flash in one of the largest malware attacks in recent history - Internet Security | DShield SANS ISC InfoSec Forums


Hackers exploit Flash in one of the largest malware attacks in recent history
Quoting Yahoo Security: In case it wasn’t clear yet, Adobe’s Flash isn’t exactly the safest tool for delivering Internet content. Hackers are already more than aware of the software’s security issues and are happy to exploit them for various malicious purposes. That’s exactly what happened in late July when hackers used Flash to infect Yahoo websites with malware in what has been described as one of the largest malvertising attacks seen in the recent months.

The attack was first discovered by a security researcher at Malwarebytes, The New York Times reports. Hackers deployed the malware on July 28th, targeting Yahoo’s advertising network for a week before the company put a stop to
Yahoo Security
This is Yahoo's reporting, apparently in response to a malvertising campaign using Yahoo's advertising network, originally reported on the Malwarebytes blog at: blog.malwarebytes.org/malvertising-2/2015/08/large-malvertising-campaign-takes-on-yahoo/

Brad

271 Posts
ISC Handler
I apologize that this is going to be long but I think we need to out these crooks as often as possible. First let me say I am really grateful I found malwarebytes after researching what happened to me last week. Frankly I found little usable information on the Adobe forum or the Apple help forums which was disappointing. I was able to clean up my system using the free download file from malwarebytes though.

Yesterday my 80-year-old sister fell prey to one of the scams but worse. She was looking for something and clicked on a link and the ‘Adobe Flash’ update downloaded automatically to her desktop. She didn’t click on it but the next time she launched her browser the box popped up warning her she had a virus and it locked her browser. I think this is noteworthy. She didn’t install and it still embedded.

Unfortunately she called the number on the pop up and talked to a “tech” named Jason who promised he could ‘clean’ her system for $99.99. She gave him her debit card and let this complete stranger have control of her computer. [arghhhh]

Her granddaughter called me later when she found out to tell me what happened. I went there and dumped the Flash dmg and had her check her bank account. The debit withdrawal was from Worldgate Solutions, LLC SO Fremont CA. I looked it up and found that it was registered in July 2015 and is owned by Manish and Schruti Rustagi. Today I took her to the bank to report this and get her debit card replaced. I checked her applications folder and library and found that ‘Jason’ left Sophos Anti-Virus software behind. He told my sister he put up a ‘firewall’ for her. I took it all out. I’ll upload the malwarebytes app after we upgrade her hard drive.

I have noticed this feeding frenzy is on the uptick, as more people are falling for the scams that are becoming more sneaky and aggressive. Mac folks are especially vulnerable because they have lived under the long held delusion that Macs are virus proof.

The worst thing is that there are not enough warnings out there from the very systems support sites you’d expect would be up to date on this growing problem. I believe the various forms of this come in all manner of ways. I’m extremely careful about where I click and I do a lot of vetting before I believe a ‘free’ download is what it claims to be. I believe my attack came in on a pop up ad that I tried to close. Hit the ‘X’ and it downloads. When the frenzy of pop ups started and I realized what happened I checked my applications folder and noticed the mackeeper logo in there too. I immediately dumped it. But I still had to have malwarebytes clean up the hidden stuff that I didn’t know what to look for. I’m most grateful for this and plan to upgrade.

Sadly the Net has become a den of greedy thieves. :-[ My sister paid $100 for her hard lesson. I’m hoping I have done all the right things here.
Meemanator

1 Posts
