Adobe Flash Player Update Installation Packages Contain Crypto Mining Malware

According to new research carried out by cybersecurity firm Palo Alto Networks, some fake Adobe Flash Player update installation packages hide crypto mining malware designed for cryptojacking.

As reported by Palo Alto Networks, corrupt Flash installers include cryptojacking malware. Although this hacking method is not designed to steal personal data or credentials, crypto mining malware is reducing your computer’s performance considerably and, on many occasions, PCs stop responding.

According to research, more than 110 fake Adobe Flash update installers were discovered on the Internet. However, none of these was on the official Adobe servers. Palo Alto Networks does not indicate how this was possible, but it did reveal that the non-official Flash update might be the primary cause of the problem.

Besides, according to Palo Alto Networks, the Adobe Flash Player hidden crypto mining malware is generating Monero (XMR) for its owners.

Non-Official Adobe Flash Player Updates Contain Crypto Mining Malware For Cryptojacking

Palo Alto Networks revealed that a cryptojacking, fake Adobe Flash Player update is correctly updating the program and it even redirects users to the official Adobe website. However, the software also installs a crypto mining software known as “XMRig.”

“XMRig” then runs in the background, making your PC’s CPU operate at 100%, mining for Monero (XMR) cryptocurrency for its owners.

“This campaign uses a legitimate activity to hide the distribution of crypto mining and other unwanted programs. Organizations with decent web filtering and well-trained users have a much lower risk of infection with these fake [Adobe Flash Player updates],” explains Palo Alto Networks representatives.

Besides all that, Adobe will terminate the support for Flash Player in 2020 and recommends content creators and end-users to choose the much more secure platform, the HTML 5. The company cited browser plug-ins in this decision, noting that they could disrupt safe environments, cause browser instability problems, and expose users to cyber attacks.

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *