Malware often use many techniques to manifest itself onto their host. Recently, Sophos analysts have discovered a piece of malware masquerading itself as a flash player plugin for the Firefox browser (detected by Sophos as Troj/FFSpy-A).When the file runs, it pretends to install the adobe flash player for your browser. The installation process can be seen below:
Upon restarting Firefox after the installation is complete, Firefox shows an extension has been installed as “Adobe Flash Player 0.2″ as shown below:
Troj/FFSpy-A monitors your Google searches and sends this information to a remote server. It also inject ads into the web pages you are viewing based on the keywords you have used in your search.
This piece of malware seems to be spreading itself via internet forums pretending to be the installation file for the adobe flash player. To reduce the risk of infection, the user should avoid downloading executables from unknown and untrusted sources.
thank you for the heads up, FreewheelinFrank.
Thanks for the info FreewheelinFrank ;D
I found this info about the above problem and thought i will post them. hope it sheds some light .
The first link i check on a regular basis and found it a great site.
Today was the first time i have gone to the Mozilla security blog site.
Found this on Donna’s SecurityFlash: http://msmvps.com/blogs/donna/archive/2009/09/04/mozilla-to-protect-adobe-flash-users.aspx
Also on Mozilla Security Blog: http://blog.mozilla.com/security/
Edit: i will have to correct myself as i said it applys to what FreewheelinFrank had posted, what i meant to say was it should help in encouraging people to have the latest adobe flash player.
Does not help with the Malware FreewheelinFrank has posted about.
Sorry for any confusion i may have created :-[
I think that’s a separate issue- Firefox checking for an insecure legitimate installation of Flash. This is a malicious program posing as a Flash installation.
You are correct FreewheelinFrank
So sorry about that, but i can not change it now though :-[
No worries. What you posted is still useful to know for Firefox users.
Cheers ;D