Flash Udate Bug

  andydgra 11:55 05 Mar 2014

This started yesterday and is now on all computers in the house. Connect to internet with Chrome or IE and enter facebook.com as url, few others will connect or do anything at all, some connect and show the page although very slow. All that opens is the little box saying update flash, then when closing it opens a UPDATE FLASH PLAYER page and offers to download an update, but the url still states facebook.com, so I don't want to run anything from the page. It's now on all computers that connect to the router in the house. I've ran trend, jrt, adwcleaner and mbam.

  Secret-Squirrel 16:47 05 Mar 2014

"......and is now on all computers in the house..........It's now on all computers that connect to the router in the house"

It sounds very much like your router's been hacked, or more precisely, your router's been hacked and its DNS servers have been changed. That would explain why when you visit facebook.com, the webpage you get is clearly the wrong one.

To try and solve the problem, log into your router and go to the DNS server settings for the WAN interface. You'll probably find a couple of rogue addresses there, and if you do, set it to the option to get the server addresses automatically from your ISP.

If you that's too difficult for you then reset the router back to its factory settings. Note that afterwards you'll need to set it all up again from scratch.

If you succeed and the problem goes away then post back and I'll tell you how to prevent this from happening again.

  andydgra 20:37 05 Mar 2014

wouldn't connect to the internet and dns on routher was set to isp auto, did a reset to factory settings, made no difference. Gave up and bought a new router/modem. It was a cheap modem I'd bought a few years ago. New router/modem and all connected fine, so far no pop ups. Thanks for your help.

  Secret-Squirrel 08:17 06 Mar 2014

"......dns on routher was set to isp auto, did a reset to factory settings, made no difference...."

I'm surprised by that as it's clear to me that your router had been tampered with and connected devices were being directed to rogue websites that were trying to to deliver malware via a fake Flash update.

To prevent this from happening, make sure you've assigned a strong router-access password and you never allow your web browser to save that password. There are still a lot of routers in use that have a default password of "admin", "password" (or no password at all) and all it takes is a simple script on a rogue website to access your router and modify its settings. Other scripts can also use the router password saved in your browser to gain access to your router.

  andydgra 12:47 07 Mar 2014

the password was random numbers and letters, I can only assume one of the fixes I ran set the router back to factory settings, no problems with new modem/router.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 Hack Latest News: How Secure is your Wi-Fi?

Photoshop CC 2018 released with new Curvature Pen and better brush tools

Best kids apps for iPhone & iPad

Comment utiliser Twitter ?