Fake Flash updates upgrade software, but install crypto-mining malware

As if there weren’t already enough reasons to hate Flash updates.
Imad Khan
I. Khan|10.13.18

Sponsored Links


According to cybersecurity firm Palo Alto Networks, it discovered a fake Flash updater that has been duping conscientious computer users since August. The fake updater installs files to sneak a cryptocurrency mining bot called XMRig, which mines for Monero.

But here's the catch, while the fake updater is installing the XMRig malware, it's also updating the user's Flash.

The researchers were searching the internet for fake Flash updates, and found Windows executable files starting with AdobeFlashPlayer. The team found 113 examples of malware meeting their search criteria. The team ran tests on Windows 7 Service Pack 1 and found that the operating system did present a warning about downloading software from unknown publishers, meaning the hackers weren't waltzing right through. But given how legitimate the malware looks, it's possible that victims would have clicked yes and proceeded with the installation regardless.

During the crypto boom late last year, it wasn't just hackers trying to subvert citizen computers for financial gain, so were websites. Certain Starbucks websites and The Pirate Bay were found to be feeding off the processing power of its users to make some extra crypto on the side. And whenever there's money to be made, bad actors will try and find dubious ways to scam people for cash.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget