Oct 15, 2018 at 13:03 // News

Coin Idol Author

Agreed, Adobe Flash still works, regrettably, and that means it's still employed as a method to target ignorant users with malicious malware. As you would think, the latest malware to attract big attention masks itself as an update to Flash to trick users into installing malevolent software.



Now, the malware is a digital currency mining bot which exploits system resources to smoothly mine for Monero. The most interesting part is that the software updates the Flash software.

The Fake Updater

Revealed by experienced researchers at Palo Alto Networks, a security company, the fraudulent Flash updater has been circulating from one place to another since August 2018, presumptively trying to turn into the most bullish malware of 2018. The researchers discovered 113 instances of the fraudulent updater, that installs the digital currency miner XMRig.

According to the test they carried out on computers using Window 7, the researchers uncovered that upon installing the fraudulent updater, Window 7 OS didn't issue notifications about known software, but due to how bonafide it appears it's very easy to see how victims could be tricked.

Has Something Gone Wrong?

After being installed, XMRig runs calmly spawning the Monero digital currency in the background, but also correctly updates the Flash software to the latest version.

“It’s likely to make the user think that nothing had gone wrong,” said Palo Alto Networks’ Ryan Olson. Adding that “Performing the update, and making the user think nothing bad had happened, goes hand in hand with the crypto mining business model.”

The security company reveals it's unclear how many individuals could fall victim to the fraudulent Flash updater. Those people that have already downloaded are facing significant system performance problems, but then again the Adobe Flash they are using on their devices is updated.