Skip to main content
  1. Home
  2. Computing
  3. News

Spoof Adobe Flash updaters are inserting cryptocurrency mining malware

Arif Bacchus
By
Image used with permission by copyright holder

Cryptocurrency mining malware could be hiding in your Adobe Flash Update, according to new research from cybersecurity firm Palo Alto Networks. Although not a new hacking tactic, the latest analysis shows a significant spike in Adobe Flash updaters which can go on and hide in the background and do damage to Windows systems.

Per the research in the study, there were a total of 113 fake updaters discovered on the web, none of which are hosted on official Adobe servers. A spike in these URLs appeared as early as June 2018, and then again in September 2018. The research doesn’t make it clear how one can arrive at these, but it shows that spoof URLs are the likely root cause.

Recommended Videos

In a test of one of these URLs on August 24, Palo Alto Networks revealed that the bogus Adobe updaters go on to legitimately update Flash Player and throw an unsuspecting user to an official Adobe website on completion. Unfortunately, it also ends up embedding an “XMRig” mining bot in the process. That bot then runs in the background, making a CPU go 100-percent full force, mining “Monero” cryptocurrencies for hackers. There’s no warning, and the only way to tell where connections were going was by analyzing the networking traffic.

Related

“This campaign uses legitimate activity to hide distribution of cryptocurrency miners and other unwanted programs. Organizations with decent web filtering and educated users have a much lower risk of infection by these fake updates,” explains Palo Alto Networks.

Cryptocurrency malware is not a new phenomenon and has sometimes proven tough to remove from infected systems. Back in May, one strain of this type of malware crashed the PCs of those who manually tried to kill off the mining process from the task manager.

Adobe is actually ending support for Flash Player in 2020 and wants content creators and consumers to move to the much more secure HTML 5 platform. The firm cited browser plugins in that decision, noting that these can disrupt secure environments, cause browser instability issues, and open up browsers to hacking. Flash is mainly obsolete anyway, and many browsers are already blocking the plugin from starting automatically. It’s all one step toward a safer internet for us all.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
How to delete or hide chats in Microsoft Teams
Running Microsoft Teams on the Galaxy Tab S8.

Microsoft Teams is a terrific workplace platform for keeping the camaraderie strong. Featuring collaborative messaging, video conferencing, and file-sharing tools, it’s your one-stop-shop for in-office, hybrid and at-home workers alike. But anyone with a long history of using Teams will tell you how clogged up your message stockpile can get. Fortunately, deleting and hiding these exchanges is relatively easy to do, and we’ve put together this guide to help.

Read more
Why Llama 3 is changing everything in the world of AI
Meta AI on mobile and desktop web interface.

In the world of AI, you've no doubt heard about what OpenAI and Google have been up to. And now, Meta's Llama LLM (large language model) is becoming an increasingly important player in the game, especially with its open-source nature. Meta recently made a big splash with the launch of its Llama 3 AI model, and it's shaken up the field dramatically.

The reasons why are multiple and varied. It's free to use, it has a wide user base, and yes, it's open source, to name but a few. Here's why Llama 3 is taking the AI industry by storm and may shape its future for some time to come.
Llama 3 is really good
We can debate until the cows come home about how useful AIs like ChatGPT and Llama 3 are in the real world -- they're not bad at teaching you board game rules -- but the few benchmarks we have for how capable these AI are give Llama 3 a distinct advantage.

Read more
How to delete messages on your Mac
A MacBook and iPhone in shadow on a surface.

Apple likes to make things easy for its iPhone, iPad, and macOS devotees. When signed in with the same Apple ID on more than one of these devices, you’ll be able to sync your messages from one Apple product to the next. This means when you get a text on your iPhone, you’ll be able to pull it up through the Messages app on your Mac desktop.

Read more