Cryptocurrency malware has been found in Adobe Flash updates. It’s a Trojan Horse tactic and has been found by researchers from Palo Alto Networks (via The Next Web).
The malware is a bot called XMRig that forces your computer to mine Monero. The researchers think that people are being led to the Adobe Flash update via spoofed URLs.
As is usually the case with cryptocurrency mining malware, the victim’s infected system does all the heavy lifting with no reward. In this case, any mined Monero is redirected to a single wallet…Some research has suggested over $250,000 of Monero is mined through illegitimate browser-based mining scripts every month.
The website downloads and installs a legitimate Flash update. The update contains the bot, which then connects to a Monero mining pool.