Beware! Those Adobe Flash Update Popups Could Be Hiding A Cryptominer


Adobe Flash is known to be a minefield of vulnerabilities and notorious actors exploit the same from time-to-time. Using fake Adobe Flash update popup on websites is another attack vector often used.

Along the similar lines, a recent type of fake Flash update has been uncovered by a security researcher of Palo Alto Networks’ Unit 42 group. Contrary to the previously found poorly-designed malware, it comes with additional deception.

Since cryptominers are the most trending category of malware, this fake Flash update installs an XMRig cryptocurrency miner. As a result, your computer’s processing power keeps getting used in the background for mining free digital coins.

The research found 113 examples of fake update malware since March 2018 with Windows executables starting with AdobeFlashPlayer_. While 77 of them contained malware with a CoinMiner tag, the rest samples shared other tags.

“Windows provided a typical warning about an unknown publisher that victims can easily click through on vulnerable Windows hosts,” the report further states.

It’s worth noting that the network traffic generated during the infection process mainly contains the Flash update. However, soon the miner starts generating traffic associated with XMRig cryptocurrency mining.

With the help of update traffic and Adobe popup, this malware tries hard to deceive users. However, if an organization has okayish web filtering, the malware could be easily caught.

Also Read: 7 Easy Ways To Block Cryptocurrency Mining In Your Web Browser
Adarsh Verma

Adarsh Verma

Fossbytes co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email — [email protected]
More From Fossbytes

Latest On Fossbytes