If you thought that problems with the Flash plugin had stopped, then you are mistaken, they are gaining momentum, and scammers have become wiser and more creative.
New research from Palo Alto Networks has found a recent resurgence in fake installers installing real Flash from Adobe's website, along with hidden mining malware.
Using this trick, scammers trick users into thinking everything is legit and suspecting nothing.
Once the installer opens, it injects XMRig, an open-source miner that uses the computer's CPU and graphics card for hidden mining. All generated funds are pumped into the Monero wallet, which makes it impossible to track the movement of funds. When malware is injected, the installer downloads and installs the actual Flash. Since March, researchers have discovered more than a hundred of these fake Flash installers.
It is ironic that Flash, one of the biggest plugins and attack vectors, is still causing headaches. When Flash wasn't being used to distribute malware to users, hackers would imitate it and use the plugin to launch their own attacks. Flash has become such a big problem that Google started sandboxing it in Chrome almost a decade ago.
But since the advent of HTML5, which is more versatile and easier to use, the use of Flash has rapidly declined.
According to techcrunch.com
You May Also Like
Criminals are 'vulnerable' when converting cryptocurrencies to fiat
US customs officials say cryptocurrency helps track criminals
Robinhood accused of selling customer data or free cheese again
Investing platform Robinhood, which is rapidly gaining popularity, appears to be making up for lost profits from zero commissions by selling users' data to make a quick buck at high-speed trading firms (HFTs) on Wall Street.
