Malicious cryptocurrency mining software remains a very big threat to consumers. Palo Alto researchers note an increase in fake Adobe Flash updaters. A growing number of these fake tools tend to distribute crypto mining malware once installed.
Beware of Fake Flash Updaters
Despite a growing push to adopt HTML5, Adobe’s Flash Player is still very common. A lot of online video content can only be viewed by using this particular browser plugin. As is the case with any form of software, the Flash Player needs to be upgraded whenever Adobe releases a patch. That creates an opportunity for criminals to strike.
Research by Palo Alto lays out a very worrisome scenario. An increase in the number of fake Adobe Flash updaters is cause for concern. That situation is only compounded when these fake tools deliver crypto mining malware payloads. Other types of malware being distributed include information stealers, and even ransomware.
Most of the fake updater tools cannot be distinguished from genuine products. This is primarily because few consumers pay attention to what the genuine updater should look like. The wave of Adobe Flash Player updates over the years allows for “fake notifications” to be seen as yet another mandatory change. The displayed notifications even look similar to those Adobe pushes to users. More worryingly, recipients will also get the legitimate update in the process. This further masks any nefarious activity.
Another Attempt at Malicious Monero Mining
This latest effort is another example of how profitable cryptojacking is for criminals. Numerous methods of attacks have been explored over the past few months. One successful example is the attack against unprotected routers. When thousands of devices begin mining Monero, criminals can earn a relatively big paycheck in the process. The exact earnings from cryptojacking remain unclear because of Monero’s private and anonymous nature.
Thankfully, the Monero community is stepping up its game. A new initiative has been launched to warn about the dangers of mining malware. Although it may fall on deaf ears a proactive approach is more than warranted at this time. This new wave of fake Adobe Flash updaters shows such warnings are direly needed. Consumers need to be made aware of these pressing problems threatening their devices.
When legitimate activity can be used to mask malicious crypto mining, things are not looking positive. It is up to consumers to take the necessary precautions regarding these problems. Steering away from unknown websites remains the best course of action. Moving away from platforms relying on Adobe Flash may be an extreme measure, although it has some merit as well.
What do you think about the latest cryptojacking scheme? What are you going to do to avoid it? Let us know in the comments below.
Images courtesy of ShutterStock