If you thought problems with the Flash plugin were over, you are mistaken: they are gaining momentum, and scammers have become wiser and more creative.
New research from Palo Alto Networks has found a recent resurgence of fake installers that install the real Flash from Adobe's website along with hidden mining malware.
With this trick, scammers lead users to believe everything is legitimate, so they suspect nothing.
Once the installer opens, it injects XMRig, an open-source miner that uses the computer's CPU and graphics card for hidden mining. All generated funds are sent to a Monero wallet, which makes it impossible to track the movement of funds. Once the malware is injected, the installer downloads and installs the actual Flash. Since March, researchers have discovered more than a hundred of these fake Flash installers.
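The behaviour described above can be hunted for in process-creation logs: a process named like a Flash installer that starts a child with XMRig-style arguments. The sketch below is an added example, not code from the research or from the article. The event fields (`pid`, `ppid`, `image`, `cmdline`), the file names and the pool address are constructed for illustration, and matching on the parent's name and on `stratum+tcp://` or `--donate-level` is an assumed heuristic.

```python
import re

# Markers of an XMRig launch: pool URL scheme and option accepted by XMRig,
# plus the default binary name (a dropped miner is often renamed, so the
# command-line markers matter more than the name).
MINER_MARKERS = re.compile(r"stratum\+tcp://|--donate-level\b|\bxmrig\b", re.I)
FLASH_NAME = re.compile(r"flash", re.I)

def find_bundled_miners(events):
    """Map each Flash-named parent PID to the PIDs of miner-like children."""
    by_pid = {e["pid"]: e for e in events}
    hits = {}
    for e in events:
        parent = by_pid.get(e["ppid"])
        # Only correlate children of a process that presents itself as Flash.
        if parent is None or not FLASH_NAME.search(parent["image"]):
            continue
        if MINER_MARKERS.search(e["cmdline"]):
            hits.setdefault(parent["pid"], []).append(e["pid"])
    return hits

# Constructed sample events (simplified process-creation records).
SAMPLE_EVENTS = [
    # Fake installer: starts a renamed miner, then the real Flash installer.
    {"pid": 100, "ppid": 1, "image": r"C:\Users\a\Downloads\flashplayer_update.exe",
     "cmdline": "flashplayer_update.exe"},
    {"pid": 101, "ppid": 100, "image": r"C:\Users\a\AppData\Local\Temp\svc.exe",
     "cmdline": "svc.exe -o stratum+tcp://pool.example:3333 "
                "-u WALLET_PLACEHOLDER --donate-level=1"},
    {"pid": 102, "ppid": 100, "image": r"C:\Users\a\AppData\Local\Temp\install_flash_player.exe",
     "cmdline": "install_flash_player.exe"},
    # Installer that starts no miner: not flagged.
    {"pid": 200, "ppid": 1, "image": r"C:\Users\b\Downloads\install_flash_player.exe",
     "cmdline": "install_flash_player.exe"},
    # Miner started by hand from a shell: outside this heuristic.
    {"pid": 300, "ppid": 1, "image": r"C:\Windows\System32\cmd.exe", "cmdline": "cmd.exe"},
    {"pid": 301, "ppid": 300, "image": r"C:\tools\xmrig.exe",
     "cmdline": "xmrig.exe -o stratum+tcp://pool.example:3333"},
]

if __name__ == "__main__":
    for parent_pid, children in find_bundled_miners(SAMPLE_EVENTS).items():
        print(f"Flash-named process {parent_pid} started miner-like children {children}")
```

Because the installer really does install Flash afterwards, the presence of a working Flash update is not evidence that the installer was clean; the sibling miner process is what the check keys on.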
It is ironic that Flash, one of the biggest plugins and attack vectors, is still causing headaches. When Flash wasn't being used to distribute malware to users, hackers would imitate it and use the plugin to launch their own attacks. Flash has become such a big problem that Google started sandboxing it in Chrome almost a decade ago.
But since the advent of HTML5, which is more versatile and easier to use, the use of Flash has rapidly declined.
According to techcrunch.com
