Fake Adobe Flash Update Uses Your Computer To Mine Cryptocurrency
By: Jim Stickley and Tina Davis
October 19, 2018
You’ve heard it before. There’s an issue with Adobe Flash. Yet another vulnerability and it needs to be patched. Before we get into this recent issue, just understand that very little of what you do on the Internet these days needs to use Adobe Flash. It has been replaced by other products for the most part. However, in this most recent case, a legitimate Adobe Flash update is being used to illegitimately mine the digital currency Monero. Your system does all the heavy lifting and the hackers get the reward in the form of Monero.
This particular bot is called XMRig. It comes courtesy of an Adobe Flash update that is hidden in spoofed URLs. Researchers at Palo Alto Networks found 113 of these.
Before going any further, disable Adobe Flash in all of your browsers. Adobe Flash is dangerous because it can directly access your computer memory. That’s just asking for trouble. Google Chrome and Mozilla no longer even support it. So go into your settings and disable it, no matter what browser you use. Once you find out that you really don’t need it, get rid of it completely. In fact, even Adobe is putting an end to Flash in 2020. It’ll still be around, of course. It just will not be supported. So all of the vulnerabilities that come out involving it will never get patched. That can open up a world of hurt for anyone still using it.
You don’t need it on your mobile devices either. There have been fake Adobe Flash updates found in the legitimate stores in the past. They have been removed, but it’s not unlikely that you will see others or see these fake ones in other places. If you see a notification pop up that you need to update your Adobe Flash, don’t click it.
When it comes to mining cryptocurrency, this nets the miner free money in the form of the digital currency it’s mining. Mining is how the unregulated cryptocurrencies reconcile all the transactions. It’s as if everyone who has the currency is simultaneously balancing their spreadsheets. It takes a lot of computing power. That’s why these miners want to use other people’s systems. They use your machine, your electricity, and your batteries, and they get the Dinero!
The researchers are not quite sure how users find these URLs. Suffice it to say that if you need to update any product, go directly to the developer’s website to do it. Don’t follow a link in a popup window. Those are often phishing attempts or direct you to some type of malware. Every once in a while, reboot your computers and mobile devices. This allows the operating system to “phone home” and find out if legitimate updates are available for what is running on your system.
XMRig has been making its rounds since August, according to the researchers. It’s believed that more than $25,000 in Monero has been mined using illegitimate browser-based scripts each month.