If you thought that problems with the Flash plugin had stopped, then you are mistaken, they are gaining momentum, and scammers have become wiser and more creative.
New research from Palo Alto Networks has found a recent resurgence in fake installers installing real Flash from Adobe's website, along with hidden mining malware.
Using this trick, scammers trick users into thinking everything is legit and suspecting nothing.
Once the installer opens, it injects XMRig, an open-source miner that uses the computer's CPU and graphics card for hidden mining. All generated funds are pumped into the Monero wallet, which makes it impossible to track the movement of funds. When malware is injected, the installer downloads and installs the actual Flash. Since March, researchers have discovered more than a hundred of these fake Flash installers.
It is ironic that Flash, one of the biggest plugins and attack vectors, is still causing headaches. When Flash wasn't being used to distribute malware to users, hackers would imitate it and use the plugin to launch their own attacks. Flash has become such a big problem that Google started sandboxing it in Chrome almost a decade ago.
But since the advent of HTML5, which is more versatile and easier to use, the use of Flash has rapidly declined.
According to techcrunch.com
You May Also Like
A million attacked computers brought hackers $2 million
A malicious program for hidden cryptocurrency mining, distributed among a million computers in China, brought its creators about two million dollars in two years.
Promising ICO project Taylor shot down on takeoff
A young project that promises to help newcomers to the exchange as an electronic trader lost about $1,536,488 as a result of a hacker attack last week.
