For the past week or so I have been getting a popup window in Safari (13.0.4, macOS 10.14.6) with the URL checkupdate.spaceofpages.info… saying my Adobe Flash Player is out of date and offering to download and install the latest version.
Running DetectX finds no adware on my computer.
Anything else I should do?
Any way to prevent the popup?
Thank you,
David
In most cases, such popups are caused by javascript embedded into an advertisement on the site you are visiting (so-called malvertising), not by anything on your computer.
The only ways to prevent it are to not visit that site or install a good ad-blocking extension in Safari and any other browsers you use.
There’s a slim possibility this is a new variety of adware, which isn’t known to DetectX yet. If you continue to see the popups after taking the above steps, contact Sqwarq Support.
Never, Ever reply/click on any email link. Period. Simply hovering over an email link should show you the actual URL (which I’m willing to bet does not contain “adobe”). Adobe is still an ongoing business, despite the fact that Flash is mostly dead (thank goodness). So, go directly to Adobe and search for the latest Flash Player. That’s all you need for any site that has not yet been convinced to avoid Flash like the plague. 
Hmmm, I’ve never heard of DetectX
Got this when I went looking for it:
Blockquote
Download blocked: https://s3.amazonaws.com/sqwarq.com/PublicZips/DetectX_Swift.dmg
I can assure you that DetectX Swift is a legitimate and effective application that is in no way a scam. I have known the developer for probably a decade now, going back to his days as a leading expert on AppleScript and probably the single best expert on the complete removal of MacKeeper, which courts found to be a scam app.
Was that the Firefox or Chrome version of Browser Guard? I’ll be reporting this to Malwarebytes (and Phil Stokes) as a False Positive.
For what it’s worth, a few days ago I decided to remove all website data stored in Safari, as mentioned here:
https://macsecurity.net/view/227-adobe-flash-player-update-mac-virus. (Ignore the “virus” terminology.)
Since then the problem hasn’t returned.
David
Go to adobe.com, update your flash player from the source. Let it update on its own. And web sites that then pop that up you should close out, it will install malware on your computer.
Go to adobe.com, update your flash player from the source. Let it update on its own. And web sites that then pop that up you should close out, it will install malware on your computer.
Thank you for the suggestion, but my problem was not how to update Flash – it was how to get rid of a Flash malware popup.
I explained how I did that in my previous message.
David
Unless you have a strong/compelling reason to have Flash on your computer, I strongly recommend removing it entirely.
Flash is a security nightmare, a resource hog, and even Adobe is trying to get rid of it (three years ago, they announced the end-of-lifei, effective in 2020 [https://blogs.adobe.com/adobeconnect/2017/07/adobe-connect-on-web-conferencing-open-standards-and-the-end-of-the-flash-player.html].
I’ve been Flash-free for well over a year now, and haven’t run into any impediments. Ditto for friends and family I’ve given the same advise to. Any Website worth the paper it is printed on has migrated away from Flash by now.
Getting rid of Flash will solve your problem completely (and will likely prevent others in the future).
Although your suggestion is great, it doesn’t relate to the OP’S issue in any way. Those faked malware pop ups occur independent of whether you have Flash Player installed or not.
I’ve found that Antivirus Zap, https://antiviruszap.com/, is an inexpensive solution to this problem.
Been running it since early March 2019 after reading about it in the UK version of MacWorld https://www.macworld.co.uk/review/security/antivirus-zap-for-mac-review-3672165/
If you have Flash installed, there should be a Flash preference pane in System Preferences. You can update Flash from here, if an update is available. This doesn’t solve the popup issue, but it insures you have the latest version of Flash, if you need it.
As you stated, this doesn’t solve the OP’s problem which has nothing at all to do with whether he has Flash Player installed or not.
Wait. What?
Website blocked: macsecurity.net
In general I would agree, although there are a few web sites that require it. If you have to/want to visit those sites, another way is to use your browser’s controls to disable Flash except for those specific sites that need it.
In Firefox, click Tools -> Add-ons. Then click the Plugins tab (left side of the screen). Set Shockwave Flash to “Ask To Activate”. When you visit a site that has Flash content, you’ll see a red plugin icon in the location bar. If you don’t want the Flash content to load, do nothing - it is being blocked. If you do want it to load, click the icon to enable Flash for that site.
The only problem with this approach is that when in the “Ask To Activate” mode, Firefox reports that you have Flash capability. I suppose it has to do this, otherwise the remote site wouldn’t try to serve Flash content and the browser wouldn’t put up the icon you need to enable Flash (should you want to). The downside is that sites may not try to serve a non-Flash version of their content, if any exists.
For this reason, I configure my Firefox to completely disable Flash (“Never Activate”) in the add-ons preference screen. I manually enable it for those rare occasions where I actually need it, and then turn it off again when I’m done there.
It doesn’t help to be posting these here. If you feel you have identified a false positive you need to report it to https://forums.malwarebytes.com/forum/252-malwarebytes-browser-guard/.
I would have posted this information on the Malwarebytes Forum, but now that I have it I’ll post here as general information everybody else.
I’ve done some research on the site and found that two other scanners on VirusTotal identify the site as being Malicious.
I also see on the Apple Support Forum that the site is used to describe how to remove various Mac infections and includes links to a known PUP that may do more harm than good and a couple of troubleshooters have labeled it as a “Scam” site. If you are able to get to the site, you are encouraged to try the manual methods listed to uninstall Mac malware, but under no circumstances should you download any tool they recommend.
I’m unable to get to the site in Safari because my Pi-Hole DNS filter is blocking the site, which would also indicate there is something wrong with it.
Thanks for checking it. I did not want to report it as a false positive at Malwarebytes, since I had no way to know whether it was false positive or real problem.
Thanks for the recommendation above for DetectX. I’d never heard of it til now.
When you get those pages, close the page. Move on. When I get them—two or three in the past year—I clear my history, clear the caches and delete all web data, the latter being cookies. That means I have to re-login to some websites. No big deal.
Someone on this thread said to download the latest Flash. Ugh! Do what you want. But using Flash encourages bad behavior on the part of developers who still use Flash. Flash is a security mess. If you are using a mobile devise or notebook computers, Flash wastes your battery.