Useful information for those running Wordpress. In our case we have brute force prevention and TOTP 2FA integrated into our login. Wasn’t enough in this specific case, but definitely a step up from what folks face with default installs.
6 Likes
Saw that on mobile and I saw an fake Adobe Flash install page on desktop
1 Like
Came here to say something similar.
Details on the malware please.
1 Like
I got a pop-up on my phone that was asking me to update “Google Play Protection” or something along those lines. It immediately struck me as suspicious and i just closed my browser, 2 more reloads of the site gave me the same thing until i clicked back on the browser and then loaded BB fresh. Oddly enough i didnt get anything on desktop but i do have 2 separate ad blockers so there’s that. At the time i thought to submit an email or do a post to make sure staff knew something was up but my attention span is awful and i immediately forgot.
Good to know this was something that was caught and i hope everyone was able to avoid any shenanigans.
4 Likes
Thanks for the heads up and forthright information.
6 Likes
You’ll have to wait until the FTC settlement comes through.
4 Likes
I was running an adblocker when the very official Flash update page popped up. uBlock origin to be precise. With Malwarebytes. But I recognized it for what it was and after closing the page and reloading, it went away after the second or third try.
And yes, I did run a virus scan, just to be sure.
4 Likes
Same thing — load the menu briefly then to flash update page. So I updated flash via direct download in case they were using a new exploit, ran several scans from different programs and tried again later.
Thanks for the update.
1 Like
Agree. This could be a good sign it’s time for BoingBoing to review and revise its approach to cluttering up the site with distracting ads, including the flashy “Top Articles” panel, spinning coins, and other visual junk.
As another example of the current confusion, I wanted to repost the vision of overcoming climate change (political rewilding) and couldn’t even get the first image, instead was only offered the Intercept and AOC.
6 Likes
Oh, MAN…
Not the Bobo! Say it ain’t so!..ok, at least you said it was so. So, there’s that.
So who coughed up the creds?..do tell! (Oh, we couldn’t! SURE you could! We’re all friends here…)
I saw the same as you.
I decided to be bold and click the ‘install’ button. It went on to download an APK, and give instructions for how to bypass play store protections and install random APKs.
This I did not do 
but I did upload the APK to virustotal and hybrid-analysis
(reports at VirusTotal
and
Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'setup-9.3.7-5840.apk'
for the curious)
13 Likes
Do you think using Ublock origin and/or NoScript would reduce the chances this malvertising got someone?
In this case, from all appearances, as long as you didn’t install the malware being offered, you should not be affected.
6 Likes
opt in malware? almost nice in an old school way.
thanks for being transparent
9 Likes
Well that explains all the Flash windows popping up…
1 Like
I mean this in the nicest way man I really do no insult intended but you are gullible as hell if you actually did that.
Bad. No. Don’t do that again. I have a personal hatred of malware people they are at the bottom of the hierarchy of scammers, just as mimes are the lowest hierarchy of Comedy. I dream of finding one and accidentally burning his house down as he stands outside and watches
What could possibly go wrong submitting my personal information to this entirely electronic corporation?
Nothing wrong with grabbing the payload and submitting it to relevant security folk. Dangerous though, given the install link itself may have been an exploit. Best to leave it alone.
10 Likes
Completely off topic: I was told sarcasm was the lowest form of humor. So are sarcastic mimes absolute garbage, comedically speaking?
On topic: like many other posters, I saw the pop up but didn’t click. I appreciate the transparency of letting us all know what happened. thank you.
4 Likes
