I just uninstalled Adobe Flash (was acting strange), and am trying to download it again. If I try to go to get.adobe.com/flashplayer, I end up at http://get2.adobe.com/flashplayer/?no_redirect
I’m pretty sure I remember this happening in Firefox in the past, but now its only happening with Dragon… which I reinstalled twice in the last 24 hours in between scans and running ccleaner.
I honestly thought I had scanned the install_flash_player11.exe from this site about a month ago, but it seems the file has changed and it was uploaded 1.5 weeks ago to virus total (check additional information for “get2” URL). Please see the following VirusTotal page, (SHA1: 44ada1431cf46196d00dfc84ec7ba1e73e5a9267):
For internet’s sake, please navigate to get.adobe.com/flashplayer in your browsers to get a consensus of who is being redirected and, hopefully, why.
Here is a screen shot of the offending website: http://archive.is/get2.adobe.com – note the McAffee download has been reported to be bundled with a trojan.
My guess is the malware involved in this conspiracy is, or is at least similar to the DNSChanger that surfaced this February: Advanced Research Center | Trellix
I should note that the McAfee site above received a Calomel SSL Validation analysis of: "WARNING, BROKEN and INSECURE! (red 12%), and Perspectives reports that it is not the most commonly reported that only 3 out of 7 visitors reported this same certificate, and over the last 15 days the sites certificate has changed 4 times. If you go back to the virustotal report to the flash installer, the behavioral information may suggest manifestation and manipulation of network hardware, the users shell, and remote access… I’m no expert but I have had problems with quite a few of these affected files in the last couple months…
So please, if anybody can be brave and save the internet, please look into this and see if you are affected in a similar way; if not, go ahead and update your flash player via Comodo and watch your logs