Adobe shockwave update check2/20/2023 ![]() Would SSL help here? Yes, but again only if users pay attention and in this case they would first have to be trained to check for it when downloading files, and that’s another story. ![]() Although it’s extremely easy to see the fake web site (the URL was visible in the Address bar), the question is how many users would really do this. Once Store is up, look for the Solitaire app, then check if. ![]() Technically this attack wasn’t even worth the diary, however, the appearance could probably fool a lot of users. The downloaded malware contains a full installer that, when tested on VirusTotal, had very low detection. The Check Plugin behavior allows you to check for the existence of Adobe Flash, Apply QuickTime, RealNetworks RealPlayer, Adobe Shockwave, and Microsoft. This JavaScript disables right click so you can’t use this context menu for any actions. After this notice, the user is redirected to a web site hosting a complete replica of the Shockwave Player Download Center, as you can see below:Īll the links on this web page lead to Adobe’s web site except for one (I’m pretty sure you can guess which one).īesides creating a really nice replica of Adobe’s web site, the bad guys also added this little JavaScript to it:įunction clickIE() ĭocument.oncontextmenu=new Function("return false") When visited, the web page in question (a game site related to RuneScape) shows couple of broken icons and all links just point to another web page that conveniently inform the user that his version of Macromedia Flash Player needs to be updated. Shortly, it’s pure social engineering – the user is actually encouraged to install the malware himself. However, the web site submitted by Jason didn’t have any such elements and I actually forgot about it until we heard again from Jason who managed to find out what happened here. In almost 100% of cases the bad guys lately just insert hidden iframe links which point to web sites hosting various exploits. When we get reports of web pages like this one, I typically first download the web page with wget (faking the User Agent field, of course, so the target site thinks I’m using Internet Explorer). Mac users will need to find a friend with a Windows 7 (or later) PC. ![]() The update application currently is only supported by Windows 7 (or later) PC's. ![]() One of his users visited the web page he submitted and subsequently got infected with a Trojan horse. If you have any questions or problems relating to Shockwave, please contact. Jason Frisvold wrote to us about a suspicious web page. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |