Recent Posts

Community

Email Notifications

Personal Links

Archives

Harry Waldron - IT Security

Security Developments, Software Updates and Best Practices

Imageshack Adobe Shockwave Flash Attacks in-the-wild

Email Major spam runs have occurred with files pointing to Imageshack, a major image hosting site.  Folks need to be careful of any URL or file received in email that ends with an SWF extention.  

More Spammed ImageShack SWF URLs
http://blog.trendmicro.com/more-spammed-imageshack-swf-urls/
http://blog.trendmicro.com/spammed-swf-urls-abuse-imageshack-lead-to-rogue-av/
http://www.theregister.co.uk/2008/09/04/spammers_using_adobe_flash/

QUOTE: The technique used in the spam has two things going for it: (1) the use of SWF instead of EXE and (2) the use of an ImageShack-hosted file, both of which may suggest to normal users that the file is possibly harmless. So it seems the siege of rogue AV is not only not dying down, its proponents are becoming more creative in their “advertising” schemes.

More importantly, everyone should ensure they are on the latest version of Adobe's Flash, as this will help prevent malware infections from these attacks.  It is important to move to the latest version of Flash if prompted or manually update if you are not on version 9.0.124.

Adobe test site which will show latest version (should be 9.0.124)
http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_15507

How to manually update if needed (be sure to uncheck Google Toolbar)
http://www.adobe.com/products/flashplayer/

Posted: Sep 08 2008, 10:10 AM by Harry Waldron | with no comments