Hackers hide cryptocurrency mining malware in Adobe Flash updates


Cryptocurrency scammers have gotten more inventive and are now hiding mining malware in legitimate updates of Adobe Flash Player.

Researchers from cybersecurity firm Palo Alto Networks found a fake Flash updater that has been doing the rounds since early August. While it claims to install a legitimate Flash update, the malicious file sneaks in a cryptocurrency mining bot called XMRig (which mines privacy coin Monero).

The fact that the scam actually installs a real Flash update serves to distract the user from the deceitful goings-on. Many users may be unaware their CPU is now running at full tilt, mining cryptocurrency for someone else.

What’s happening?

While searching for fake Flash updates, the researchers uncovered 113 instances of files with the “AdobeFlashPlayer” prefix hosted on non-Adobe servers.
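The indicator described above (an "AdobeFlashPlayer" file name served from a non-Adobe host) can be turned into a check over web-proxy logs. The following is an added example, not code from Palo Alto Networks or from the original article; the log layout (timestamp, client IP, URL), the Adobe domain allowlist and all sample lines are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, unquote
import posixpath

# Assumption: domains treated as Adobe-owned; replace with your own allowlist.
ADOBE_DOMAINS = ("adobe.com", "macromedia.com")
PREFIX = "adobeflashplayer"  # file-name prefix named in the article, lowercased


def is_adobe_host(host):
    """True only for an allowlisted domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    # Label-boundary match, so "adobe.com.example.org" does not pass.
    return any(host == d or host.endswith("." + d) for d in ADOBE_DOMAINS)


def is_suspicious(url):
    """Flag a URL whose file name starts with the prefix on a non-Adobe host."""
    parts = urlsplit(url)
    # Decode percent-escapes before comparing, then ignore case.
    name = posixpath.basename(unquote(parts.path)).lower()
    return name.startswith(PREFIX) and not is_adobe_host(parts.hostname)


def flag_downloads(log_lines):
    """Return (timestamp, client, url) for every suspicious request."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 3:  # skip malformed lines instead of crashing
            continue
        ts, client, url = fields[:3]
        if is_suspicious(url):
            hits.append((ts, client, url))
    return hits


# Constructed sample log lines (not real traffic or real indicators).
SAMPLE_LOG = [
    "2024-01-01T09:14:02Z 10.0.0.21 https://get.adobe.com/flashplayer/AdobeFlashPlayer_31.exe",
    "2024-01-01T09:15:40Z 10.0.0.37 http://updates.example.net/dl/AdobeFlashPlayer_setup.exe",
    "2024-01-01T09:16:11Z 10.0.0.52 http://adobe.com.example.org/adobeflashplayer%5Fupdate.exe",
    "2024-01-01T09:17:55Z 10.0.0.44 http://cdn.example.net/files/report.pdf",
    "malformed-line",
]

if __name__ == "__main__":
    for hit in flag_downloads(SAMPLE_LOG):
        print(*hit)
```

A hit identifies a download to triage, not a confirmed infection; the article notes the fake updater also installs a genuine Flash update, so the endpoint may look normal to the user.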

Palo Alto Networks believes users are directed to these files via spoof URLs. However, the researchers haven’t been able to confidently conclude how victims arrive at these URLs in the first place.

Palo Alto Networks tested one of the fake URLs and found that there would be no reason to suspect any foul play: the web traffic, however, told a different story.

After the URL downloads and installs a legitimate Flash update, the mining bot connects to a Monero mining pool and gets to work.