Adobe Flash update concealed with cryptocurrency mining malware

  • Fake Adobe Flash updates are injecting cryptocurrency mining malware into Windows operating systems.
  • The classic Trojan Horse strategy is being used by hackers to hijack victims' computing resources to mine cryptocurrency.


The art of crypto-jacking has evolved at a rapid pace and has now gone to the next level. Unethical cryptocurrency miners have started camouflaging mining malware as genuine Adobe Flash Player updates. Crypto-jacking is now considered more alarming than ransomware attacks and is becoming hard to control.

Trojan malware to mine Monero

A Trojan is malicious software that poses as a legitimate program and tricks users into installing it. This is an old-school tactic for spying on or harming the victim's system. Trojans survive by operating in stealth.

Trojan Horse - Adobe Flash - TECHOSlovia

The Trojan technique is now helping hackers mine cryptocurrency without being noticed by users. Once the user installs the spoofed Adobe Flash Player update, the malware performs its tasks in the background, unnoticed, and uses the CPU cycles of the Windows system to mine XMR (Monero).

Spoofed Adobe Flash update

Cybersecurity firm Palo Alto Networks has recently reported a fake Flash update being used for crypto-jacking. The firm's researchers found that the illegitimate update was introduced in early August. The update disguises itself from the user by installing the legitimate Flash update while, in the background, downloading a cryptocurrency mining bot named XMRig.

One hundred and thirteen instances of AdobeFlashPlayer files were discovered by the researchers in their search for fake Flash updates, all hosted on non-Adobe servers. These files were advertised through spoofed URLs posing as Adobe Flash updates. When a user clicks the URL, the update is installed and XMRig then establishes a connection to a Monero mining pool.
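The two observable traits described above, an installer named after Adobe Flash Player served from a host that is not Adobe's, followed shortly afterwards by an XMRig process reaching out to a mining pool, can be turned into a simple detection rule. The script below is an added example, not part of the article or of Palo Alto Networks' research; the proxy and endpoint log formats, the sample log lines, the host names (all under the reserved `.invalid` TLD) and the thirty-minute correlation window are constructed assumptions for illustration.

```python
"""Detection sketch: flag "AdobeFlashPlayer*" downloads from non-Adobe hosts
and correlate them with a later XMRig process on the same client."""
from datetime import datetime, timedelta
from urllib.parse import urlparse
import posixpath

# Assumption: legitimate Flash installers are served only from Adobe-controlled domains.
# Extend this allow-list to match your own environment.
ADOBE_DOMAIN_SUFFIXES = ("adobe.com",)

# Constructed sample web-proxy log, one "<ISO time> <client-ip> <url>" per line.
PROXY_LOG = """\
2018-08-03T09:12:01 10.0.0.5 https://download.adobe.com/AdobeFlashPlayer_installer.exe
2018-08-03T09:15:44 10.0.0.7 http://updates.example.invalid/AdobeFlashPlayer_update.exe
2018-08-03T09:16:10 10.0.0.7 http://updates.example.invalid/AdobeFlashPlayer_update.exe
2018-08-03T10:02:33 10.0.0.9 https://cdn.example.invalid/images/logo.png
2018-08-03T10:30:00 10.0.0.11 http://mirror.example.invalid/AdobeFlashPlayerUpdate.exe
"""

# Constructed sample endpoint events, one "<ISO time> <client-ip> <process> <destination>" per line.
PROCESS_LOG = """\
2018-08-03T09:17:02 10.0.0.7 xmrig.exe pool.example.invalid:3333
2018-08-03T09:40:12 10.0.0.9 chrome.exe cdn.example.invalid:443
2018-08-03T11:05:00 10.0.0.11 explorer.exe -
"""


def is_adobe_host(host):
    """True if the host is an allow-listed Adobe domain or a subdomain of one."""
    host = host.lower()
    return any(host == s or host.endswith("." + s) for s in ADOBE_DOMAIN_SUFFIXES)


def parse_proxy_log(text):
    """Yield (timestamp, client, url) tuples from the constructed proxy format."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, url = line.split(maxsplit=2)
        rows.append((datetime.fromisoformat(ts), client, url))
    return rows


def flag_fake_flash_downloads(text):
    """Return downloads whose file name imitates the Flash installer but whose host is not Adobe's."""
    flagged = []
    for ts, client, url in parse_proxy_log(text):
        parsed = urlparse(url)
        name = posixpath.basename(parsed.path).lower()
        if name.startswith("adobeflashplayer") and not is_adobe_host(parsed.hostname or ""):
            flagged.append({"time": ts, "client": client, "host": parsed.hostname, "file": name})
    return flagged


def correlate_with_miner(proxy_text, process_text, window=timedelta(minutes=30)):
    """Raise an alert when a client that fetched a suspicious installer starts XMRig within the window."""
    downloads = flag_fake_flash_downloads(proxy_text)
    alerts = []
    for line in process_text.splitlines():
        if not line.strip():
            continue
        ts_s, client, proc, dest = line.split(maxsplit=3)
        ts = datetime.fromisoformat(ts_s)
        if "xmrig" not in proc.lower():
            continue
        for d in downloads:
            if d["client"] == client and timedelta(0) <= ts - d["time"] <= window:
                alerts.append({"client": client, "installer_host": d["host"], "miner_dest": dest})
                break  # one alert per miner event is enough
    return alerts


if __name__ == "__main__":
    for d in flag_fake_flash_downloads(PROXY_LOG):
        print("suspicious installer:", d)
    for a in correlate_with_miner(PROXY_LOG, PROCESS_LOG):
        print("ALERT miner after fake Flash update:", a)
```

Run against the sample data, the first stage flags the three downloads from the two `.invalid` hosts but not the Adobe-hosted one, and the correlation stage raises a single alert for client 10.0.0.7, which launched `xmrig.exe` about a minute after fetching the fake installer. In practice the process name is the weakest of the two signals, since the binary can be renamed; the destination and the unexpected download origin are the traits worth building on.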


How crypto-jacking affects the victims

Once the bot connects to a mining pool, it does the heavy lifting of mining the privacy coin Monero at the cost of the victim's computing power. The CPU cycles are spent on mining rather than serving the machine's owner. Crypto-jacking is growing rapidly and has proven to be more dangerous than other cyber attacks. It is a cumbersome task to remove crypto-jacking malware once it is installed, and attempting to uninstall it can crash the entire system.

[Figure: Flow of spoofed Adobe Flash update - TECHOSlovia]
Source: Research Center, Palo Alto Networks


Monero has been known for its use in crypto-jacking, and its community has strictly warned hackers against using the cryptocurrency in illegal activities. Hopefully, the community will take adequate measures to curb XMR's involvement in hacking.
Adobe recently confirmed that support for Adobe Flash Player will end by 2020 and has advised consumers to move to the more secure HTML5 platform. Crypto-jacking malware is hard to identify and at the same time has the potential to make fortunes for the hackers.

Naive users are often falling prey to these hacks and it becomes an additional responsibility for us to educate them on how to safeguard themselves from attacks!

Navin N

TECHOSlovia