Home Malware Programs Trojans Trojan.FakeFlash.A

Trojan.FakeFlash.A

Posted: March 13, 2014

Threat Metric

Ranking: 6,609
Threat Level: 9/10
Infected PCs: 3,136
First Seen: March 13, 2014
Last Seen: October 15, 2023
OS(es) Affected: Windows


Just as you'd anticipate from its name, Trojan.FakeFlash.A is a fraudulent Flash update that uses its disguise to install browser-compromising threats on your PC. Trojan.FakeFlash.A utilizes Facebook accounts for distributing itself and incorporates the accounts of its victims into its infection vectors, which makes Trojan.FakeFlash.A easily able to spread through its auto-posted fake video links. Facebook users are recommended to keep a particularly sharp eye out for misleading tactics resembling Trojan.FakeFlash.A's links, and scan their PCs for threats to remove Trojan.FakeFlash.A's payload after any interaction with this fake update.

The Risque Threat 'Flash' that's in Your Facebook

Fraudulent Flash updates are a mainstay in the arsenal of most threat authors, but there comes a dilemma when it's time to decide how to force victims to come into contact with these updates. The persons responsible for Trojan.FakeFlash.A attacks have chosen Facebook as their distribution vehicle of preference, and even included further exploitation of that platform in Trojan.FakeFlash.A's payload. Initial attacks are disguised as fake nude video links from already-hijacked Facebook accounts, with the link titles modified to reference a random entry in the first victim's friends list.

Instead of delivering you to the promised land of illicit erotica, clicking these links will subject you to a fake error page that implies that the Adobe Flash Player has crashed. You then are offered the choice to download and launch Trojan.FakeFlash.A, which is disguised as 'FlashPlayer.exe.' Trojan.FakeFlash.A installs threats that hijack your Facebook account to distribute new posts for itself. Photographs from the account also may be collected and added to any Trojan.FakeFlash.A links, giving the hoax an additional layer of authenticity.

Other attacks from Trojan.FakeFlash.A and its payloads are, as of yet, unknown, although malware researchers commonly find fake Flash updates associated with high-level threats, such as spyware, backdoor Trojans and rogue anti-malware suites.

Closing the Book on the Next Fake Flash Tactic

Since Trojan.FakeFlash.A may use more than one means of compromising PCs that are exposed to its download request, malware researchers advise you to scan any computer that's had a random encounter with Trojan.FakeFlash.A. This is also applicable to any other 'Flash update' strategy, such as the 'Problems have been detected with your Flash Player version' Alert, Adware.Agent.npo or the 'Flash Video Downloader is Required to Download Online Video' Pop-Up. Removing Trojan.FakeFlash.A's threatening software always should utilize proper anti-malware tools to counter its efforts at avoiding all standard deletion methods.

However, Trojan.FakeFlash.A also shows the importance of simple communication in social networks. Facebook contacts should be alerted to any suspicious posts resembling those of Trojan.FakeFlash.A attacks that may come from their profile. Most PC threats that hijack social networking profiles also will put efforts in place to prevent the victim from becoming immediately aware of the hijacks, which may require outside intervention before a problem is detected.

Loading...