Cryptocurrency mining malware found hidden in Adobe Flash updater


(MENAFN- NewsBytes)

13 Oct 2018


A Windows installer carrying a legitimate Adobe Flash update has been flagged as a potential source of cryptocurrency mining malware.

The fake installer, when run, brings Adobe Flash Player to the latest version, leading the user to think it's authentic.

However, in the background, it installs the malware to mine cryptocurrency.

Here are the finer details.


What does this fake updater do?


Discovered by security researchers at Palo Alto Networks, the fake Flash updater sneaks in a cryptocurrency mining bot called XMRig while installing the Flash update.

The bot mines for Monero and has been deceiving users for nearly three months now.

Users get a legitimate Flash version from the installer, so they don't realize what it might be doing to their machine in the background.


How was the malware discovered?


The researchers found the cryptocurrency miner while analyzing one of more than 100 fake 'AdobeFlashPlayer' installers on the internet.

When run, the program sought permission to download software from unknown publishers, but given its appearance, most victims would have continued with the installation.

Next, the bot went into action and connected to a Monero mining pool in the background.


Then, the system takes the load, mining cryptocurrency


After establishing the connection, the bot started mining Monero for the scammer, running the victim's CPU at full throttle.

The cryptocurrency mined, in this case, was being redirected to a single wallet, the researchers found.

However, it is worth noting that this is not the first case of cryptocurrency mining with malware like this.


Illegal Monero mining


According to a study, more than $250,000 worth of Monero is mined every month using illegal browser-based scripts and programs. Even Starbucks' websites and The Pirate Bay have been found doing the same.
