The researchers were searching the internet for fake Flash updates, and found Windows executable files starting with AdobeFlashPlayer. The team found 113 examples of malware meeting their search criteria. The team ran tests on Windows 7 Service Pack 1 and found that the operating system did present a warning about downloading software from unknown publishers, meaning the hackers weren't waltzing right through. But given how legitimate the malware looks, it's possible that victims would have clicked yes and proceeded with the installation regardless.
During the crypto boom late last year, it wasn't just hackers trying to subvert citizen computers for financial gain, so were websites. Certain Starbucks websites and The Pirate Bay were found to be feeding off the processing power of its users to make some extra crypto on the side. And whenever there's money to be made, bad actors will try and find dubious ways to scam people for cash.