Researchers Find 100+ Pieces of Cryptojacking Malware Disguised as Flash Player

by Rachel McIntosh
  • Flash Player has long been the favorite 'sleeper cell' of many malware developers.

Remember Flash Player? That handy-dandy web add-on that we all needed to play Insaniquarium in the early 2000s? Well, it’s still alive and kicking. And apparently, it’s become the new weapon of choice for crypto malware developers.

Insaniquarium, a popular Flash game launched in the 2000s.

Palo Alto Networks recently published research revealing an uptick in the number of malicious Flash installers that download cryptocurrency malware onto computers. The researchers have discovered more than a hundred unique malicious Flash installers since March.

Oddly enough, these pieces of malware also install Flash.

Apparently, the fact that the malicious software achieves the end result the user is looking for is part of the ploy to make it seem legitimate.

When the software is opened, it runs a secret installer for an open-source cryptocurrency miner known as ‘XMRig.’ The malware immediately begins to absorb the computer’s processing power and graphics card capabilities to start mining Monero, which is then sent to an anonymous wallet. This practice is called ‘cryptojacking.’

Flash Has Long Been Targeted by Malware Creators

This isn’t the first time that Flash has been used as a sort of ‘sleeper cell’ by hackers. TechCrunch reported that when the software itself isn’t being used as a vehicle for malware to sneak onto a computer, trojan horse-style viruses disguise themselves as Flash updates across every corner of the internet.

TechCrunch also said that the trend “became so much of a problem that Google began sandboxing Flash (and other plugins) in Chrome almost a decade ago because Flash-based malware was so prevalent.”

Nowadays, Flash is hardly necessary for anything that most people would do with any regularity on the internet. The need for it only arises once in a while, and it’s even set to be permanently retired by Adobe in 2020. Until then, resist the urge to play those online games--your computer will thank you later.
