Have you visited a website lately and had a message popup that you require an Adobe Flash update? If you haven’t yet, you probably will. When you get a message like this, be very careful with it. This bogus Flash update is the latest way the bad guys are getting people to download malware onto their Windows computers.
The malware in this case, called System Progressive Protection (SPP), is particularly nasty and can be very difficult to remove. Even worse, most of the anti-virus programs out there don’t recognize it yet. A report on MalwareBytes‘ Newest Rogue Threats forum indicates that when tested, only 6 out of 46 anti-virus packages identified an infected test file as containing malware and none of those six could agree on what the infection was. Needless to say, this is disturbing!
So, how do you know if your Adobe Flash player really needs to be updated? Visit the Adobe Flash site and download any updates from there. Some browsers, including Google Chrome, have the Flash player built in and will update automatically on their own. If your browser is one of these, you’ll see a message to that effect on the Flash site. In short, turn down any “help” from websites.
So far, SPP has shown three methods of distribution including the bogus Adobe Flash update mentioned above. The other two are easier to detect, fortunately, and simply require the normal common-sense approach to web surfing.
The first of these alternative methods is the classic popup window that warns that your computer is infected and lists a whole raft of known malware infections that allegedly have your computer in their nefarious grip. The popup graciously offers to rid your machine of these scourges by downloading and activating their “cleanup program”, which is, of course, actually the malware. In this case, you would need to first download and then install the malware package and unless you’re totally asleep at the switch it’s not likely you would complete these steps voluntarily.
The second reported method is the download of a “missing” codec (coder-decoder protocol) for viewing a video online. While there are instances where a video is in a format that requires a specific codec (coder-decoder protocol) to play it, it’s unusual and should be a red flag. In short, if you’re surfing for videos and get a message that the video you want requires a particular codec, assume the worst and avoid that video until you can verify it. A better strategy is to download a “universal” video player such as VLC Media Player. If VLC can’t play it, you probably don’t want to be watching it anyway.
As always, be careful out there! Hopefully, the anti-virus folks will get their act together and identify this malware before it can get onto a machine. Until then, the offense is a step ahead of the defense once again.