Cryptominer pretends to be an update to Adobe Flash Player

A new cryptominer campaign has been detected that is distributed as a fake Adobe Flash Player update. This is not the first time malware has posed as an update to a legitimate program, but this campaign goes a step further: it actually updates Flash Player to its latest version so that it does not seem suspicious to the user.

Brad Duncan, a security researcher at Palo Alto, detected the malware campaign. He found that during the supposed "Flash Player update", the installer set up a hidden Monero miner and also updated Flash Player from Adobe's official site.

Actually updating the program played a very important role, as it makes the user less suspicious. Duncan reported that, visually and operationally, the fake installer was almost identical to the original from Adobe.

What the user did not know was that, in attempting to update the program, the system was being infected. While the miner was running, processor usage went up to 100% as 'mining' of the Monero cryptocurrency began.

Brad Duncan determined that this was not the real update from Adobe from the URL, which contained 'flashplayer_down.php?clickid='; that would not have been the case if the installer had come from Adobe's website. Several of these files were hosted on Amazon's AWS cloud, so the researcher was unable to ascertain which site the campaign was running on.

Finally, never download updates from third-party sites. If you visit a site that suggests updating Flash Player, just do not do it. You probably will not download what you are looking for.
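The URL indicator described above can be turned into a simple proxy-log check. The following is an added example, not code from the researcher or from the article; the log format, the sample lines, the function names and the assumption that Adobe serves installers only from adobe.com and its subdomains are all made up for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: Adobe serves its installers from adobe.com and its subdomains.
OFFICIAL_SUFFIX = "adobe.com"
INDICATOR_FILE = "flashplayer_down.php"   # file name quoted in the article
INDICATOR_PARAM = "clickid"               # query parameter quoted in the article

# Constructed sample proxy log: timestamp, client, method, URL, status.
SAMPLE_LOG = """\
2018-10-11T09:14:02Z 10.0.0.23 GET http://updates.example.net/flashplayer_down.php?clickid=abc123 200
2018-10-11T09:15:40Z 10.0.0.31 GET https://get.adobe.com/flashplayer/ 200
2018-10-11T09:16:05Z 10.0.0.44 GET http://adobe.com.cdn-example.net/dl/FlashPlayer_Down.php?ClickID=zz9 200
2018-10-11T09:17:12Z 10.0.0.23 GET http://updates.example.net/index.php?clickid=abc123 200
truncated entry
"""

def is_official_host(host):
    """True only for adobe.com itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL_SUFFIX or host.endswith("." + OFFICIAL_SUFFIX)

def matches_indicator(url):
    """True if the URL carries the article's indicator and is not hosted by Adobe."""
    parts = urlsplit(url)
    filename = parts.path.rsplit("/", 1)[-1].lower()
    # keep_blank_values so an empty 'clickid=' still counts as present
    params = {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}
    return (filename == INDICATOR_FILE
            and INDICATOR_PARAM in params
            and not is_official_host(parts.hostname))

def flag_fake_flash_downloads(log_text):
    """Return (timestamp, client, host) for every log line matching the indicator."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed or truncated entries
        timestamp, client, _method, url, _status = fields
        if matches_indicator(url):
            hits.append((timestamp, client, urlsplit(url).hostname))
    return hits

if __name__ == "__main__":
    for hit in flag_fake_flash_downloads(SAMPLE_LOG):
        print(*hit)
```

The host check compares whole domain labels, so a look-alike such as adobe.com.cdn-example.net is still flagged.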

The author allows copying of this text only if the source (SecNews.gr) is credited with a live URL to the article.