Research published by the cybersecurity research firm Palo Alto Networks revealed a recent surge in the number of Flash drives “marked” malicious in the broader market, and noted that more than a hundred such instances contained crypto-mining scripts that use a victim’s PC processing power to mine cryptocurrencies for the malware’s developer.
Interestingly, the malicious files do install Flash on the victim’s computer, alongside the malware, as part of a ploy to avoid arousing suspicion. However, upon discovery, Adobe was quick to issue a patch to prevent further exploits.
After installation, the software runs an installer file for an open-source cryptocurrency miner called XMRig without the user’s permission. Immediately after installation, the malware begins to acquire processing power and graphics card capability from the computer to mine Monero (XMR).
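As an added example (not from the article or from Palo Alto Networks), the sketch below shows how a defender could flag the behaviour described above in process-creation logs: a miner started by a binary posing as a Flash updater. The log format, file names, pool host and wallet placeholder are constructed; the matched options (`-o`/`--url`, `--donate-level`) and the `stratum+` URL schemes are ones XMRig accepts.

```python
import re
from pathlib import PureWindowsPath

# Constructed process-creation records: time|parent image|image|command line
SAMPLE_LOG = r"""
2018-10-11T09:14:02|C:\Users\a\Downloads\AdobeFlashPlayer_update.exe|C:\Users\a\AppData\Local\Temp\xmrig.exe|xmrig.exe -o stratum+tcp://pool.example.invalid:3333 -u WALLET_PLACEHOLDER --donate-level 1
2018-10-11T09:14:05|C:\Users\a\Downloads\AdobeFlashPlayer_update.exe|C:\Users\a\AppData\Local\Temp\flash_setup.exe|flash_setup.exe /install
2018-10-11T09:20:41|C:\Windows\explorer.exe|C:\Program Files\Editor\editor.exe|editor.exe notes.txt
2018-10-11T10:02:17|C:\Windows\System32\svchost.exe|C:\ProgramData\helper.exe|helper.exe --url=stratum+ssl://pool.example.invalid:443 --user WALLET_PLACEHOLDER
""".strip()

MINER_NAME = re.compile(r"xmrig", re.I)                    # binary left un-renamed
STRATUM_URL = re.compile(r"stratum\+(tcp|ssl)://", re.I)   # mining pool URL scheme
DONATE_FLAG = re.compile(r"--donate-level\b", re.I)        # XMRig-specific option
FAKE_UPDATER = re.compile(r"flash.*(update|install)", re.I)

def parse(line):
    """Split one constructed log line into its four fields."""
    ts, parent, image, cmdline = line.split("|", 3)
    return {"ts": ts, "parent": parent, "image": image, "cmdline": cmdline}

def classify(event):
    """Return the reasons an event looks like a miner launch, or None."""
    reasons = []
    if MINER_NAME.search(PureWindowsPath(event["image"]).name):
        reasons.append("miner-binary-name")
    if STRATUM_URL.search(event["cmdline"]):
        reasons.append("stratum-pool-url")
    if DONATE_FLAG.search(event["cmdline"]):
        reasons.append("xmrig-donate-flag")
    if not reasons:
        return None  # e.g. the genuine Flash installer dropped alongside
    # Context only: a Flash-updater-named parent raises confidence,
    # but is never sufficient to flag an event by itself.
    if FAKE_UPDATER.search(PureWindowsPath(event["parent"]).name):
        reasons.append("parent-poses-as-flash-updater")
    return reasons

def find_miner_launches(log_text):
    """Return (timestamp, image name, reasons) for every flagged event."""
    hits = []
    for line in log_text.splitlines():
        event = parse(line)
        reasons = classify(event)
        if reasons:
            hits.append((event["ts"], PureWindowsPath(event["image"]).name, reasons))
    return hits

if __name__ == "__main__":
    for hit in find_miner_launches(SAMPLE_LOG):
        print(hit)
```

The second record, the real Flash installer started by the same parent, is deliberately not flagged, and the fourth shows that a renamed miner is still caught by its pool URL.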
XMR: A Hacker’s Best Friend
Flash-based malware is not a new feature of the cybercrime space. Hackers have historically deployed viruses and ransomware disguised by a Flash update, with the practice running rampant until the software’s decline at the start of this decade. The nuisance reached such high levels that even Google blocked Flash plugins to its browser without due scrutiny.
Adobe is set to retire its creation in 2020, but until then, hackers have a window to deploy XMRig and other miners to mine some XMR for themselves.
Illicit cryptocurrency mining, or cryptojacking as it is popularly known, continues to be a worldwide problem after its rise in 2018. The attack type displaced ransomware as the most popular form of cybercrime in 2017, and went up by 629 percent in Q1 2018, as per a McAfee report.
The most exploited cryptojacking method remains that of installing the Coinhive miner on victim computers to mine XMR for hackers. The browser-based miner has been used against Indian government websites, U.S. zoos, and entire corporations.
Meanwhile, XMR remains the currency of choice for hackers to mine, courtesy of its substantial pay-outs, low cost to mine, and the untraceability of stolen funds.
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://btcmanager.com/flash-exploited-cryptojackers-mine-monero-over-100-instances-flagged-adobe/