Hidden miner Monero was built into the fake update Adobe Flash
According to a study released by the cybersecurity team Unit 42 of Palo Alto Networks, malware that pretends to be an Adobe Flash update is secretly installing an XMRig miner on a computer. He gets Monero cryptocurrency (XMR) .
According to experts, the authors of the malware carefully copied the pop-up notification of the official Adobe installer. Moreover, the download really updates Flash to the latest version.
Analyst Brad Duncan from Unit 42 says :
As a rule, fake Flash updates with malware are not very well hidden, but in this case, the potential victim may not notice anything unusual.
Unit 42 experts stumbled upon a novelty during the search for popular fake Flash updates using AutoFocus, the analytical tool Palo Alto Networks.
Recall that, according to a study prepared in August by scientists from the Rhine-Westphalian Technical University of Aachen (Germany), Coinhive remains the most popular XMR browser miner (it is especially active in Brazil).
Monero developers are not satisfied with the current reputation of cryptocurrency, so they created a special website where users can get information on how to remove such malicious programs.