Security researchers report on the Chinese Flash app including the advertising module
Although Adobe has announced that it will officially stop the operation of Flash Player on December 31, 2020, Adobe chose to find a Chinese Internet company to maintain operations.
Zhong Cheng Network is the official partner of Adobe. After Adobe officially stops updating, users can download the latest version of Flash by visiting flash.cn on Zhong Cheng Network.
However, at the beginning of this month, a report issued by the Israeli anti-virus company Minerva Labs stated that the Chinese Flash app caused multiple reports of its security products.
Later, a security researcher from Minerva Labs downloaded the latest version of Flash from flash.cn and found that this special version is available, but it will silently download a file named nt.dll in the background, and then load the file into the FlashHelperService.exe process, and then the user can see that an advertisement window pops up on the computer desktop from time to time, displaying various articles and advertisements.
In addition to Minerva Labs, several other security companies have also noticed this problem. For example, Cisco Talos has also included the Chinese Flash app as a widely monitored security threat.
According to the media reports, users outside of China cannot use it even if they download the Chinese Flash app.
Via: ZDNet