Posts tagged "malware"

How We Work to Protect our Brand and Users 

A recent report  by  Citizen Lab  uncovered that commercial spyware was used to trick users into thinking it’s a legitimate Adobe Flash Player update. Unfortunately, this malicious download took Flash Player and repackaged it to include spyware. We have contacted the relevant service providers to request that the systems used to support these activities (e.g., email accounts and domain names) be suspended.  Make no mistake, these activities are illegal and Adobe actively works to protect its users against such deceptive and harmful malware. 

Adobe Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, can be a target of malicious activity. We take the security of our products, technologies and customers very seriously. Protecting Adobe’s trademarks from this type of abuse is vital to our brand and our users. Adobe commits considerable time and resources to these efforts — even participating within the Internet governance processes before the Internet Corporation for Assigned Names and Number (ICANN) to help develop, among other things, rights protection mechanisms (RPMs) aimed at safeguarding brand owners and their users from this very type of abuse.

It’s important to note that the spyware  does not affect Adobe products and services. The repackaged software is a completely separate process on the victim’s machine. The Adobe brand is merely used for social engineering purposes.

Adobe continually works with our partners to help protect users from malicious downloads and to remove the need for users to manually update Flash Player. For instance, with Google Chrome browser, Flash Player updates are seamlessly delivered via the Chrome auto-updater on all operating systems. For users who prefer to manually update software, the latest version can be found here: https://get.adobe.com/flashplayer/. 

We encourage customers and other members of the security community to report new vulnerabilities, abuse and misuse directly to the Adobe via the Security Alert Us page. 

We’re grateful for the work of groups such as  Citizen Lab  and ICANN, and will continue to support their efforts.

Brad Arkin
Chief Security Officer (CSO)

Mass Customization of Attacks Talk at RSA

Business consultant Stanley Davis defined mass customization as the “customization and personalization of products and services for individual customers at a mass production price.” Anyone who has ever ordered a custom PC is no stranger to mass customization: that particular combination of components wasn’t assembled into a PC until the customer initiated an order.

As we responded to zero-day exploits in the past couple of years, we took stock of some of the properties that separated them from mass malware, which affect older, patched vulnerabilities. For example, we noticed zero-day attacks starting to target more than one version of a platform on one or more operating systems. In addition, we observed that zero-day attacks contain more than one exploit possibly affecting multiple vendors’ products. Our thesis can be stated as follows: The exploit creation industry is maturing; by combining the features of mass malware with multiple zero-day exploits, they can create mass-customized attacks.

 masscustomizedattacks

 

We expand on this thesis in our upcoming talk at the RSA 2014 conference and use several case studies to prove it.

If you’re going to be attending RSA on Tuesday, Feb. 25, please swing by our talk at 2:40 p.m. in the West Room 3006. We look forward to sharing our research and the conversations with our friends and partners in the industry!

Peleus Uhley, Platform Security Strategist
Karthik Raman, Security Researcher