Hackers are using fake Adobe Flash updates to install malware on victims’ computers and hijack them to mine cryptocurrencies like monero (XMR), researchers from cyber security firm Palo Alto Networks Inc. have discovered. Organizations with decent web filtering and more educated users have a much lower risk of being infected by such fake updates, however, they note.
“In most cases, fake Flash updates pushing malware are not very stealthy … However, a recent type of fake Flash update has implemented additional deception. As early as August 2018, some samples impersonating Flash updates have borrowed pop-up notifications from the official Adobe installer. These fake Flash updates install unwanted programs like an XMRig cryptocurrency miner, but this malware can also update a victim’s Flash Player to the latest version,” the researchers explained. “Because of the legitimate Flash update, a potential victim may not notice anything out of the ordinary.”