Home » Alerts » Beware! A Bogus Flash Player Website is Distributing Ransomware

The Jerk ransomware, like all other ransomware, alters user data and asks a hefty ransom in return for the key that decrypts the original data.

A version of this ransomware referred as ‘thor’ was recently seen being distributed through a forged ‘Flash Player Update’ downloading site that was seen by the name ‘freshupdate.com’. The spreading of unwanted software and PUAs via such fake updates has been seen on several other occasions too. This spreading method only goes to show how hackers are trying hard to enhance their target area. If you see, the word ‘flash’ has been wrongly mentioned in the domain name – ‘freshupdate.com’.

ransomware

What occurs when a user visits this fake website?

When the users log in the website or browse the website. They are welcomed by a fake web page saying ‘Your Flash Player may be out of date’. To a usual, innocent user, this web page will look precisely like the genuine Adobe site.

Almost immediately, the fake page gets automatically forwarded to a malicious URL, which then begins downloading the Jerk ransomware variant on the user’s PC.

The malicious executable file is downloaded with the name ‘FreshPlayer.exe’ and displays the icon of the genuine Flash Player to dupe the user.

Seeing the harmless-looking icon, when the innocent user thinks this file as a genuine one and runs it, the ransomware begins scanning the infestedPC for file types that it supports and encodes them. The malware adds the ‘.thor’ extension to the encoded files and this is followed by the ransom note.

How AVG helps?

AVG’s inbuilt Browser Safety proactively blocks entrance to hateful URLs/websites that can activate the download of ransomware and other malware on your PC; in this case, it clogged the URL ‘freshupdate.com/dow7878nload/flashplayer.exe’

How to be safe against ransomware threats?

  • Before browsing any website, always check its URL; look for spelling mistakes and rubbish characters.
  • Do not click on links or download files that reach in emails from unwanted, unidentified or unforeseen sources.
  • Apply all suggested security updates (patches) to your Operating System, and packages like Adobe, Java, web browsers, etc.
  • Do daily backups of your files. Remember to remove the Internet when you are backing up on a hard disk. Unplug the hard drive before you go online again.
  • Avoid using obsolete web browser plugins or plugins that you do not use any longer.
  • Invest in antivirus software that comes with multiple layers of security such as Web Security that blocks infected websites, Email Security that blocks infected emails, Phishing Protection that blocks fake and phishing websites, etc.
  • You can use the AVG Antivirus, for device security as it is one of the best Antiviruses in the market. The features it provides are outstanding and after sale service is also amazing. You can call AVG Tech support for any assistance regarding the functionality and working of AVG Antivirus. The technician will take the remote access of your device and will assist you in a very simple manner.
  • Always keep your antivirus software up-to-date to stay safe against new threats.