Fake Adobe Flash players persist
Published August 23rd, 2013 at 10:42 AM EDT , modified August 23rd, 2013 at 10:43 AM EDT

Another fake Flash player has been discovered, and it turns out it has been seen and reported by users on the Apple Support Communities for at least a month. This player is downloaded from sites that tell the user that they need to update their Flash player, and comes in the form of a file named “FlashPlayer11.safariextz,” which users must install themselves (by double-clicking it).
This extension, like other recent Mac malware, is signed using a certificate from a valid Apple Developer ID. At this point, fortunately, the certificate used to sign the extension has been revoked, so the extension will no longer install if downloaded. (I tested this on a system that had not been updated recently, and even there the extension refused to install.)
This extension, should you have it installed, causes ads to appear on sites that should not normally have ads, and may replace existing ads with others. Often, the ads are pornographic in nature. Removal is easy… simply view all installed extensions in your web browser and remove any claiming to be Flash player. (The real Adobe Flash Player does not install as a browser extension.) In Safari, this is done through the Extensions pane of Safari’s preferences window. Other browsers will work similarly.
Intego VirusBarrier is identifying this as malware, and is calling it OSX/ClickAgent.FLA. For more information, see Intego’s blog post on this topic.
Tags: Fake Flash Player, OSX/ClickAgent
4 Comments
This post is more than 90 days old and has been locked. No further comments are allowed.
Flash Player scams combined with pornography? Seriously? These hackers are really lacking in originality… copying parts of the two biggest Mac malware outbreaks. Tell me when this thing starts stealing credit cards and using Java loopholes….
One of the first reports I read said that the sites which ask the user to download and upgrade flash were pornographic sites, so it sounds to me as if they probably have the right audience targeted.
Why can’t we just look at pornography in peace, without having to deal with this crap?! 😀
Sorry for my poor English, but I’m still learning.Hmmmm… What I have to say?
This is exactly what I had been looking for. . I love the style where it is used on this web page Cheers :))