FotisNt Posted July 4, 2019 #1

It has been discovered that fake Adobe Flash updates are being used to surreptitiously install cryptocurrency mining malware on computers and networks, creating severe losses in time, system performance, and power consumption for affected users.

Cryptojacking Breaks New Ground

While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems.

Writing in a post exposing the scheme, Unit 42 threat intelligence analyst Brad Duncan said:

“As early as August 2018, some samples impersonating Flash updates have borrowed pop-up notifications from the official Adobe installer. These fake Flash updates install unwanted programs like an XMRig cryptocurrency miner, but this malware can also update a victim’s Flash Player to the latest version.”

The implication of this unpleasant scenario is that a potential victim may not notice anything out of the ordinary while an XMRig cryptocurrency miner or other unwanted program is quietly running in the background of the victim’s Windows computer. This miner software could potentially slow down the processor of the victim’s computer, damage the hard drive, or extract confidential data and transmit it onto other digital platforms without the victim’s consent.

Technical Details of Fake Adobe Update Cryptojacking Malware

Duncan explained that it was not very clear how potential victims were arriving at the URLs delivering the fake Flash updates; however, network traffic during the infection process has been primarily related to fraudulent Flash updates. Interestingly, the infected Windows server generates an HTTP POST request to osdsoft[.]com, a domain affiliated with updaters or installers pushing cryptocurrency miners.
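The HTTP POST to osdsoft[.]com mentioned in the post above is something a defender can hunt for in web proxy logs. The following is an added example, not part of the original post or of the Unit 42 write-up; the log format, client addresses, timestamps and the `api` subdomain are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Indicator exactly as printed in the post (defanged).
DEFANGED_IOC = "osdsoft[.]com"

def refang(indicator):
    """Turn a defanged indicator back into a matchable hostname."""
    return indicator.replace("[.]", ".").lower()

def host_matches(host, domain):
    """True for the domain itself or a subdomain, not for look-alikes."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def find_post_hits(log_text, defanged=DEFANGED_IOC):
    """Map client IP -> timestamps of HTTP POSTs to the indicator domain."""
    domain = refang(defanged)
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:           # skip malformed lines
            continue
        ts, client, method, url, _status = parts
        if method.upper() != "POST":  # the post describes a POST request
            continue
        if host_matches(urlsplit(url).hostname, domain):
            hits[client].append(ts)
    return dict(hits)

# Constructed sample log (assumed format: time client method url status).
_d = refang(DEFANGED_IOC)
SAMPLE_LOG = "\n".join([
    "2019-07-04T09:14:02Z 10.0.0.21 GET http://downloads.example.test/update.exe 200",
    f"2019-07-04T09:14:31Z 10.0.0.21 POST http://{_d}/ 200",
    f"2019-07-04T09:15:10Z 10.0.0.34 GET http://{_d}/ 200",
    f"2019-07-04T09:16:45Z 10.0.0.35 POST http://not{_d}/ 200",
    f"2019-07-04T09:17:03Z 10.0.0.36 POST http://{_d}.example.test/ 200",
    f"2019-07-04T09:18:20Z 10.0.0.40 POST http://API.{_d.upper()}:80/ 200",
    "malformed line",
])

if __name__ == "__main__":
    for client, times in find_post_hits(SAMPLE_LOG).items():
        print(client, times)
```

Matching on the parsed hostname rather than a substring keeps look-alike hosts out of the results while still catching subdomains and mixed-case entries.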

SLFJ Posted July 4, 2019 #2

I didn't know, so it's a discovery for me. Thanks for not letting me install fake Adobe Flash updates. Cheers.

williamshennie9 Posted July 4, 2019 #3

Hackers have been using fake updates and "holes" or exploits within Adobe Flash Player since it was created. The safest way to handle these is to never install Flash Player from any site except the official site, and to always keep it up to date.

Etude Posted July 4, 2019 #4

You definitely will need to be cautious when installing software and browser add-ons, which carry the risk of bringing malware into your devices or PC. This is exactly how hackers are indeed able to access your information to compromise your security.

This topic is now archived and is closed to further replies.