Thanks for the heads up and forthright information.
You’ll have to wait until the FTC settlement comes through.
I was running an adblocker when the very official Flash update page popped up. uBlock origin to be precise. With Malwarebytes. But I recognized it for what it was and after closing the page and reloading, it went away after the second or third try.
And yes, I did run a virus scan, just to be sure.
Same thing — load the menu briefly then to flash update page. So I updated flash via direct download in case they were using a new exploit, ran several scans from different programs and tried again later.
Thanks for the update.
Agree. This could be a good sign it’s time for BoingBoing to review and revise its approach to cluttering up the site with distracting ads, including the flashy “Top Articles” panel, spinning coins, and other visual junk.
As another example of the current confusion, I wanted to repost the vision of overcoming climate change (political rewilding) and couldn’t even get the first image, instead was only offered the Intercept and AOC.
Not the Bobo! Say it ain’t so!..ok, at least you said it was so. So, there’s that.
So who coughed up the creds?..do tell! (Oh, we couldn’t! SURE you could! We’re all friends here…)
I saw the same as you.
I decided to be bold and click the ‘install’ button. It went on to download an APK, and give instructions for how to bypass play store protections and install random APKs.
This I did not do but I did upload the APK to virustotal and hybrid-analysis
Do you think using Ublock origin and/or NoScript would reduce the chances this malvertising got someone?
In this case, from all appearances, as long as you didn’t install the malware being offered, you should not be affected.
opt in malware? almost nice in an old school way.
thanks for being transparent
Well that explains all the Flash windows popping up…
I mean this in the nicest way man I really do no insult intended but you are gullible as hell if you actually did that.
Bad. No. Don’t do that again. I have a personal hatred of malware people they are at the bottom of the hierarchy of scammers, just as mimes are the lowest hierarchy of Comedy. I dream of finding one and accidentally burning his house down as he stands outside and watches
What could possibly go wrong submitting my personal information to this entirely electronic corporation?
Nothing wrong with grabbing the payload and submitting it to relevant security folk. Dangerous though, given the install link itself may have been an exploit. Best to leave it alone.
Completely off topic: I was told sarcasm was the lowest form of humor. So are sarcastic mimes absolute garbage, comedically speaking?
On topic: like many other posters, I saw the pop up but didn’t click. I appreciate the transparency of letting us all know what happened. thank you.
Well this rules out the west coast.
No self-respecting Hackerman (or woman or otherwise) would be awake at 8:30 AM
I’m just kidding, I’d imagine most of the time this sort of thing is automated. I guess if they are trying to target random end users machines it is to build a botnet but who knows. I just know all the times I’ve ever run web servers at home I would get tons and tons of random HTTP requests coming in from China, Russia, etc trying to get to random admin page paths for common CMS systems.
but this was sufficient to track down the malicious activity and user account in question and react accordingly
I’m glad my spideysense noticed the weird redirect… i was quite inebriated at the time too
Did anyone download the installer? Kinda wish i did now but my money is that it would’ve just been your standard cryptolocker or RAT.
I’m gullible for downloading malware and detonating it in a sandbox to understand what it does?
I guess that makes me professionally gullible, because that’s a large part of what I do for a living.