11 October 18, 13:47
Quote:Cryptocurrency miners are now being distributed by a new campaign pretending to be Adobe Flash Player installers. While this is not new, this particular campaign is going the extra mile to appear legitimate by not only installing a miner, but also updating Flash Player as well.
Fake Flash Player installers with miners are not new, but in the past they have always just installed the miner and then either exited or opened a browser to the Adobe Flash Player web site.
In a new malware campaign discovered this by Palo Alto Unit 42 researcher Brad Duncan, it was found that a fake Flash Player Trojan not only installed a XMRig miner, but it also automatically updated his installed Flash Player. This real Flash installer was downloaded by the Trojan from Adobe's site. https://researchcenter.paloaltonetworks....cy-miners/
Source: https://www.bleepingcomputer.com/news/se...nstallers/