Beware: Adobe Flash Is Under Siege!

Attackers are targeting both the traditional Adobe Flash application, and the recently pulled Flash for Android mobile app.

Adobe Flash has long been a prime target for hackers and malware developers. The virtually ubiquitous app seems to have plenty of weaknesses, and presents attackers with an appealing method of exploiting and compromising victims. Currently, both the traditional Adobe Flash, and the Adobe Flash for Android mobile app have caught the attention of attackers.Adobe Flash is a staple of Web browsing, and is essentially a de facto app installed on just about every Windows, Mac, and Linux PC. The mobile app has been a source of controversy between Apple and Adobefamously excluded from Apples iOS mobile platformhowever, Flash was trumpeted as a key selling point for rival Android devices.

Adobe released a new version of the traditional Flash software recently as a part of its regular quarterly update schedule. The update addressed security vulnerabilities in the software, but attackers still found holes to work with and Adobe quickly released yet another update for Flash a week later.

The current attacks against Flash involve a malicious Microsoft Word file attachment, which targets the ActiveX control for Flash in the Internet Explorer Web browser. Users should update to the most current version of Flash to guard against this threat, and both consumers and individuals should take advantage of the automatic updates feature in Adobe Flash to make sure the most recent updates are always installed.

On the mobile side, Flash may have been a good marketing tool as a knife to twist with customers weighing a decision between the two platforms, but the appeal quickly waned. Flash Mobile has been buggy, and performance has been flaky since its inception. Adobe recently announced it will no longer support Flash for Android, and the app was pulled from the official Google Play store.

The problem for users is that Adobe may not be supporting Flash for Android any longer, but that doesnt mean there arent versions available out there somewhere. One of the benefits of Android for many users is its openness, and the fact that apps can be downloaded from a diverse array of third-party sites outside of the official Google Play store.

Attackers know this as well, though, and take advantage of it. Preying on the popularity and demand for Adobe Flash, and the naiveté of average users, attackers have unleashed an avalanche of rogue and malicious apps that appear to be Flash or some suitable equivalent.

Some of the fake Flash apps are more nuisance than threatopening an app filled with ads, or redirecting users to a website with ads. Apps like these generate money for the attackers by surreptitiously forcing people to the ad sites, which in turn pay the attackers for the traffic. Some of the fake Flash apps are more insidious, thoughTrojan horse attacks that seem to be Flash but instead install malicious apps.

While it may seem like Adobe Flash itself is the problem, that isnt entirely the case. No software is perfect, and Adobe became a popular target more as a function of its success than its weaknessesthe fact that it is available on almost every platform and device makes it a sort of Holy Grail for attackers.

The lesson to take away, though, is not to avoid Adobe Flash. The lesson is that attackers are clever and will find ways to exploit popular third-party applications to circumvent security controls. You need to have a strong cross-device security solution to detect and block threats like these, and protect you from attacks.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Charles Ripley

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place