Beware of the sites where you update Flash, some use your CPU to mine cryptocurrencies

Share this…

A company in information security recommended to update as soon as possible Adobe Flash Player 28.0.0.161, the latest version of Adobe released as an emergency patch due to a critical 0day vulnerability that was being exploited by hackers. Just as hackers take advantage of vulnerabilities, they also take advantage of the fear, and for that reason they have created a lot of fake web pages that offer updates for Flash Player but that, in reality, are used for other purposes, such as advertising and even mine cryptocurrencies using the user’s CPU.

As we can read on the net, information security experts from international institute of cyber security have detected a considerable number of web pages that deceive the user to download a Flash update that, in reality, is used for other purposes. When we enter the page in question, it will automatically downloads a file, “java-player.exe”, that supposedly tries to pass itself off as a Flash update but, actually, when we execute it, it loads a process in our memory of the device that uses 100% of our CPU to mine cryptocurrencies.

To ensure some persistence, this malware creates a scheduled task in the system so that the cryptocurrency mining software will automatically run every time we restart our computer, said a specialist in information security.

While the installer that we have linked before (link to VirusTotal) is not detected by much antivirus software since it started operating relatively recently, the mining process that is loaded in the system is, so any antivirus updated will be able to detect it and eliminate it to stop using our hardware to generate revenue for hackers. In addition, applications such as Malwarebytes Anti-Malware will help us keep our device equally clean.

How should I update Adobe Flash Player safely?

To avoid falling into this type of scams information security experts from WebImprints said, it is best to ensure that we update our Adobe Flash Player always from your main website. On this website we will always find the latest version available (currently 28.0.0.161) so that, if we still have this plug-in installed on the computer for some reason, at least we can be protected from some of the countless security flaws it hides this software.

Also, if we are users of Windows 10, it is advisable to download security updates from Windows Update, since these updates hide Flash Player patches, and Google Chrome users should check that their web browser is updated correctly that the Google Flash plug-in does not hide any vulnerability either.

Finally, we must be wary of websites that indicate that Flash, or some other add-on, are outdated and offer us the possibility to download an update from those links. As per investigation by various information security companies, this type of sites always hide scams with which hackers can monitor all our activity, steal personal or banking data or display advertising to use our hardware to mine cryptocurrencies.