If you thought that problems with the Flash plugin had stopped, then you are mistaken, they are gaining momentum, and scammers have become wiser and more creative.
New research from Palo Alto Networks has found a recent resurgence in fake installers installing real Flash from Adobe's website, along with hidden mining malware.
Using this trick, scammers trick users into thinking everything is legit and suspecting nothing.
Once the installer opens, it injects XMRig, an open-source miner that uses the computer's CPU and graphics card for hidden mining. All generated funds are pumped into the Monero wallet, which makes it impossible to track the movement of funds. When malware is injected, the installer downloads and installs the actual Flash. Since March, researchers have discovered more than a hundred of these fake Flash installers.
It is ironic that Flash, one of the biggest plugins and attack vectors, is still causing headaches. When Flash wasn't being used to distribute malware to users, hackers would imitate it and use the plugin to launch their own attacks. Flash has become such a big problem that Google started sandboxing it in Chrome almost a decade ago.
But since the advent of HTML5, which is more versatile and easier to use, the use of Flash has rapidly declined.
According to techcrunch.com
You May Also Like
Crypto investors ranked third in the list of worst passwords
Cryptocurrency password management and storage company Dashlane yesterday released the third edition of its annual “Worst Passwords” list, which placed crypto investors in third place.
Both laughter and sin: in China you can fabricate an ICO for just $600
Despite the fact that ICOs were banned in China six months ago, fabricating a crowdfunding campaign is not a problem. Copywriters continue to work in the country, who, for a nominal fee of only $600, are ready to provide all the necessary services, including even white paper
