HomeTech PlusTECH & OTHER NEWSFlash version distributed in China after EOL is installing adware

Flash version distributed in China after EOL is installing adware

adobe-flash-china.png

Although the Flash Player app formally reached its end of life on December 31, 2020, Adobe has allowed a local Chinese company to continue distributing Flash inside China, where the application still remains a large part of the local IT ecosystem and is broadly used across both the public and private sectors.

Currently, this Chinese version of the old Flash Player app is available only via flash.cn, a website managed by a company named Zhong Cheng Network, the only entity authorized by Adobe to distribute Flash inside China.

But in a report published earlier this month, security firm Minerva Labs said its security products picked up multiple security alerts linked to this Chinese Flash Player version.

During subsequent analysis, researchers found that the app was indeed installing a valid version of Flash but also downloading and running additional payloads.

More precisely, the app was downloading and running nt.dll, a file that was loaded inside the FlashHelperService.exe process and which proceed to open a new browser window at regular intervals, showing various ad- and popup-heavy sites.

flash-adware.png
Image: Minerva Labs

The spammy behavior obviously didn’t go unnoticed. Both regular users and other security firms noticed it as well.

Users complaining that Flash has now started showing popups have been spotted on the Adobe support forumseveral local blogs, and in many other places.

Furthermore, besides Minerva Labs, other security firms have also started picking up suspicious activity related to the FlashHelperService.exe. Cisco Talos ranked this process as its most widely detected threat for the weeks ending on January 14 and January 21, and the file also ranked in its Top 10 on the weeks ending on January 7February 11, and February 18.

This particular threat doesn’t impact western users since the Flash version they download from flash.cn won’t work on systems outside China, but in light of Minerva’s report, they shouldn’t even try to test it, as this may lead to installing adware and compromising the security of their systems/networks.

By ZDNet Source Link

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS