Every beginning has an end, and in the technology world, this cycle has never moved more rapidly. We hear about new computer software and hardware every day, while yesterday’s creations often become obsolete.
For instance, Microsoft has already settled on killing Paint app after 32 years of including it in the Windows OS by default. And on July 25th another IT giant Adobe has announced about shutting down their long-term Flash project.
The company plans to stop the distribution and support of the software by the end of 2020 and suggest transferring Flash-based content to the new HTML5, WebGL, and WebAssembly formats.
Over the years, Adobe Flash has served for the web browsing, gaming, and artistic purposes. Nevertheless, security-related issues were always a major problem that persisted and often foreshadowed the beneficial aspects of the software.
What is more, Adobe Flash was often taken advantage of by fraudulent third parties, who used the program’s functional potential or simply its name to carry out cyber-crime.
We will list a few ways hackers and online scammers put Flash to use below:
- CVE-2016-0189, CVE-2016-1o1o, and CVE-2015-8446 vulnerabilities allow exploit kits such as Angler, Magnitude, Rig Neutrino or Sundown to break into computers and take over their control directly. This often leads to the installation of worms, espionage software or ransomware.
- Fake Flash Player update notifications are not designed to exploit software vulnerabilities but rely on social engineering techniques to trick users into thinking their Flash software is outdated. Inexperienced users may then download bogus .exe files voluntarily and contaminate their PCs with a variety of different malware, including ransomware.
- Finally, SWF, FLV and FLA formats which typically mark Flash files can be obfuscated and contain a compromised script which, when opened, activates malicious or even destructive processes. This way, trying to open a Flash-based game or some different can end with a corrupted computer.
We can only hope that formats which will replace Adobe Flash will be more reliable and less vulnerable than their predecessor and we will witness less of the successful cyber attacks in the future.
Ugnius Kiguolis is the founder and editor-in-chief of UGetFix. He is a professional security specialist and malware analyst who has been working in IT industry for over 20 years.
