Since early August, cryptocurrency thieves have been hiding mining malware in genuine updates of Adobe Flash.
According to some cyber-security researchers, the mining was carried out with the help of a spurious updater that has been active since early August. While claiming to install a legitimate Flash update, the fraudulent file also slips a cryptocurrency mining bot named XMRig onto the device, with the aim of mining Monero, the most sought-after privacy coin.
Researchers discovered over 110 samples of such fake updates, with file names prefixed 'Adobe Flash Player'. Users are presumably directed to the files by way of hoax URLs.
Later, when the download from the URL installs an authentic Flash update, the mining bot connects to a Monero mining pool and starts mining. The exact procedure is still not known.
When examined, the spoofed URLs were found to be perfectly harmless, with nothing suspicious about them.
As is typical of mining malware, the infected system does the main work and sends any mined Monero to a single wallet.
The most deceptive part is that the user has no idea the Flash update is illegitimate, because the malware is disguised as an update, while the user's CPU runs flat out mining cryptocurrency for criminals.
Monero has always been the first choice of cyber-thieves. It is therefore no surprise that, according to some research, more than roughly $250,000 worth of Monero is mined every month via fraudulent browser-based mining scripts.
Adobe has not yet commented on the matter, but some research organizations are working to reduce the amount of Monero-related cyber-crime.