Hackers trying to use your computer to make money are getting sneakier.
Their latest approach uses malware that pretends to be an Adobe Flash update to install cryptomining software on victims’ computers. The software then forces those computers to mine Monero, according to new research released Thursday by Unit 42, Palo Alto Networks’ threat research team.
To look as legit as possible, the new malware strains have copied the pop-up notification from an official Adobe installer and actually update victims’ computers with the latest version of Flash, making it appear to be a legitimate update.
It takes a lot of computing muscle and time to run the software that creates more Monero, and the growing value of cryptocurrencies like Monero, Bitcoin and Ethereum has put a premium on computing power. The malware provides cryptominers with a secretive shortcut to use a crowd of strangers’ computers without their knowledge.
“In most cases, fake Flash updates pushing malware are not very stealthy,” Unit 42 threat intelligence analyst Brad Duncan wrote in introducing the research. “Because of the latest Flash update, a potential victim may not notice anything out of the ordinary.”
Meanwhile, he said, a cryptocurrency miner or other unwanted program is quietly running in the background of the victim’s computer, putting its CPU capacity and the system’s responsiveness at risk. To avoid infection, Unit 42 researchers recommend keeping your systems up to date, not opening unexpected or untrusted attachments and links, and having security countermeasures in place.
Unit 42 researchers said Thursday they have identified 113 examples of the cryptocurrency-mining malware mimicking Flash updates since March.
Unit 42 has previously estimated that 5 percent of all Monero in circulation was mined through malicious activity.