If you thought that problems with the Flash plugin had stopped, then you are mistaken, they are gaining momentum, and scammers have become wiser and more creative.
New research from Palo Alto Networks has found a recent resurgence in fake installers installing real Flash from Adobe's website, along with hidden mining malware.
Using this trick, scammers trick users into thinking everything is legit and suspecting nothing.
Once the installer opens, it injects XMRig, an open-source miner that uses the computer's CPU and graphics card for hidden mining. All generated funds are pumped into the Monero wallet, which makes it impossible to track the movement of funds. When malware is injected, the installer downloads and installs the actual Flash. Since March, researchers have discovered more than a hundred of these fake Flash installers.
It is ironic that Flash, one of the biggest plugins and attack vectors, is still causing headaches. When Flash wasn't being used to distribute malware to users, hackers would imitate it and use the plugin to launch their own attacks. Flash has become such a big problem that Google started sandboxing it in Chrome almost a decade ago.
But since the advent of HTML5, which is more versatile and easier to use, the use of Flash has rapidly declined.
According to techcrunch.com
You May Also Like
Bitcoin helps law enforcement track criminals
One US Drug Enforcement Administration (DEA) agent told the press that “she wants criminals to continue using Bitcoin” because it allows them to be traced.
Gamers stole more than $3 million in cryptocurrency
A group of Call of Duty players - one from Dolton and another from Bloomington - are suspected of hacking into computers and stealing more than $3 million in cryptocurrency, according to a criminal complaint filed in Chicago.
