• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TechEngage®

TechEngage®

Technology news and opinions

  • Tech News
  • Reviews
  • How-to
  • Roundups
  • Science
    • Energy
    • Environment
    • Health
    • Space
  • Apps
  • More
    • Opinion
    • Noteworthy
    • Culture
    • Blockchain
      • Cryptocurrency
    • Events
    • Deals
    • Startups
      • Startup Submissions
  • Videos
TechEngage » News » Security

Hackers hiding crypto malware in Adobe Flash updates

Avatar Of Muhammad Abdullah Muhammad Abdullah Updated: April 3, 2021

fake adobe flash update
source: Pixabay

Hackers are injecting crypto-mining software in fake Adobe Flash updates

Hiding malware in Adobe flash updates is an old tactic. However, a researcher from cyber security company Palo Alto Networks reports signs of crypto-miner malware in the fake Adobe Flash updates. Palo Alto researcher said that the miners use your computer to expand their control over installing the affected update. The update package updates the plugin itself but also installs an illicit mining malware on your computer that eventually lowers your computer’s performance and uses it for mining purpose.

What’s happening?

These fakes are tricking users into installing Adobe Flash updates, and as soon as the user installs the update, the malware also gets installed on the computer. The update seems legitimate but is insidious.

Fake Adobe Flash Updates
Source: Palo Alto Networks

The researcher also reported that the hackers are more interested in Monero coin and are using illicit mining leaving no marks. Monero coin’s privacy protocol makes it extremely hard to trace, and hence it’s a win for malware injectors. The fake installers update the Adobe Flash plugin but also installs XMRig in the background. The program after getting installed on the victim’s computer uses graphics card and processing power to mine Monero coin without any notice.
Because of the legitimacy of the update, the victim may not notice anything about the malware. Meanwhile, the miner is quietly running in the background of the person’s Windows computer. It is a new type of deceptive attack where researcher noticed that the files they saw are starting with “AdobeFlashPlayer_ _” and are from non-Adobe servers. To keep a check on your downloads, you should know that these downloads always contain string “flashplayer_down.php?clickid=” in the URL of the download. Palo Alto researcher found almost 113 examples of this malware since March.
The malware attacks are reportedly a planned campaign. The distribution of these cryptocurrency minders is happening via the distribution of legitimate software updates. An educated user with a decent web filter installed can lower the risk of becoming a victim of these fake updates.
Let us know what do you think about this deception by hackers!
Share your thoughts in the comments below.

This post was orginally published on: October 12, 2018 and was updated on: April 3, 2021.

Related Stories

  • Google Play Store Accidentally Sends Malware To Users’ Phones

    Google Play Store accidentally sends malware to users’ phones

  • Cybersecurity Vulnerabilities That Are Often Overlooked

    Cybersecurity vulnerabilities that are often overlooked

  • Judge Rejects Yahoo’S Settlement Offer Over Data Breaches

    Judge rejects Yahoo’s settlement offer over data breaches

Avatar Of Muhammad Abdullah

Muhammad Abdullah

Editor-in-chief

Abdullah, AKA "abdugeek," is a computer scientist turned tech writer and certified Growth Hacker. He has a versatile entrepreneurial mindset and is well-versed in digital world with passion for animals, particularly fish. Founder of multiple digital startups in technology sector, he's always pushing boundaries and seeking new opportunities. Follow him on social media or learn more about him on about.me/abdugeek.

Reader Interactions

Share Your Thoughts Cancel reply

Please read our comment policy before submitting your comment. Your email address will not be used or publish anywhere. You will only receive comment notifications if you opt to subscribe below.

Primary Sidebar

Become a contributor

We are accepting contributor applications. All applications will be decided in 3 days after applying. To learn more click here.
TechEngage-Apple-News
TechEngage-Google-News
iPhone 12 Pro and iPhone 12 Pro Max

Best iPhone 12 series wallet cases for 2023

streaming service

The Best Streaming Service 2023 (Guide)

Recent Stories

  • Twitter may charge brands $1,000 to retain their Gold verified badge
  • Best Graphics Cards (GPUs) for gaming in 2023
  • A box packed OG iPhone is set to auction for $50,000
  • 6 best treadmills on Amazon in 2023
  • Samsung unveils Galaxy S23 series with “made for Galaxy” Snapdragon processor

Footer

Discover

  • About us
  • Newsroom
  • Staff
  • Advertise
  • Send us a tip
  • Startup Submission Questionnaire
  • Brand Kit
  • Contact us

Legal pages

  • Reviews Guarantee
  • Community Guidelines
  • Corrections Policy and Practice
  • Cookies Policy
  • Our Ethics
  • Disclaimer
  • GDPR Compliance
  • Privacy Policy
  • Terms and Conditions

Must reads

  • Best AirPods alternatives on Amazon
  • Best PC monitors for gaming on Amazon
  • Best family board games
  • Best Graphics Cards (GPUs) for gaming
  • Best video doorbells without subscription
  • Best handheld video game consoles
  • Best all-season tires for snow
  • Best mobile Wi-Fi hotspots
  • Best treadmills on Amazon
  • Best AM radios for long-distance reception

Download our apps

TechEngage-app-google-play-store

Copyright © 2023 · All Rights Reserved · TechEngage® is a Project of TechAbout LLC.
TechEngage® is a registered trademark in United Kingdom under Trademark Number UK00003417167 and is ISSN protected under the ISSN 2690-3776 and OCLC Number 1139335774.

Go to mobile version