Think about this for a second with me. When is the last time you updated your Adobe Flash?
Don’t remember? That’s because Flash was permanently discontinued back in 2020.
Even before that Adobe depreciated the app in 2011. Some could even argue that the real shift happened when html5 was released in 2008.
No matter which way you look at it, while Flash was once a staple in browsers and websites, it has not been in wide use for many years: 2, 9, or even 14 years.
So why did you just get a popup saying that your Adobe Flash is out of date, and you need to update it?
Because it’s malware.
There is a wave of popups going around the internet right now, prompting you to update your Adobe Flash. If you do, you install a malicious browser extension called Cloud9.
It is targeting multiple browsers and has already spread worldwide. All of the affected browsers are chromium architecture; Chrome, Edge, Brave, Opera to name a few.
Cloud9 will not leave you feeling like you are on cloud 9.
Your device will now be a slave to Cloud9. It will take all your system data, use your cookies to hijack valid user sessions on accounts, install a keylogger to steal all the information you type (and therefore compromise accounts you log into), use your system for mining cryptocurrency, and use it for performing DDoS attacks on websites.
The one that really gets me is that it will silently load webpages to generate ad impressions and earn ad revenue for the culprits behind it. Talk about salt on the wound.
These types of attacks are not always obvious because it may look like a genuine request.
How do you protect yourself? And your business?
Make sure your browser is up to date. Google’s official response states to make sure everybody uses an up-to-date browser.
Additionally, they recommend turning on Enhanced Protection under the browser’s Privacy and Security settings. This provides an on-screen warning if you navigate to a risky website.
Be sure to update everybody of this threat. The more they are aware, the more they will pay attention to this and any other threat lurking. We gave the same recommendation when the malware posing as Zoom popped up.
Don’t just click and go. Stop and think before you proceed. Like this specific threat, if you realize that Adobe Flash is no longer in use then you would realize this must be a trick.
If you need help getting all your devices patched and up to date, or need some cybersecurity training for your team, schedule yourself a meeting on our live calendar.