Latest in Gear

Image credit: Dpa

Fake Flash updates upgrade software, but install crypto-mining malware

As if there weren’t already enough reasons to hate Flash updates.
Imad Khan, @imad
10.13.18 in Internet
787 Shares
Share
Tweet
Share
Save

Sponsored Links

Dpa

According to cybersecurity firm Palo Alto Networks, it discovered a fake Flash updater that has been duping conscientious computer users since August. The fake updater installs files to sneak a cryptocurrency mining bot called XMRig, which mines for Monero.

But here's the catch, while the fake updater is installing the XMRig malware, it's also updating the user's Flash.

The researchers were searching the internet for fake Flash updates, and found Windows executable files starting with AdobeFlashPlayer. The team found 113 examples of malware meeting their search criteria. The team ran tests on Windows 7 Service Pack 1 and found that the operating system did present a warning about downloading software from unknown publishers, meaning the hackers weren't waltzing right through. But given how legitimate the malware looks, it's possible that victims would have clicked yes and proceeded with the installation regardless.

During the crypto boom late last year, it wasn't just hackers trying to subvert citizen computers for financial gain, so were websites. Certain Starbucks websites and The Pirate Bay were found to be feeding off the processing power of its users to make some extra crypto on the side. And whenever there's money to be made, bad actors will try and find dubious ways to scam people for cash.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
787 Shares
Share
Tweet
Share
Save

Popular on Engadget

Blue's Yeti X microphone comes with everything you need to sound like a pro

Blue's Yeti X microphone comes with everything you need to sound like a pro

View
Uber will restrict NYC drivers' access to app due to new regulations

Uber will restrict NYC drivers' access to app due to new regulations

View
GNU founder Richard Stallman resigns from MIT, Free Software Foundation

GNU founder Richard Stallman resigns from MIT, Free Software Foundation

View
 FCC approves first commercial use of 3.5GHz band

FCC approves first commercial use of 3.5GHz band

View
What's on TV: 'Spider-Man: Far From Home'

What's on TV: 'Spider-Man: Far From Home'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr