Cybercriminals are Pushing Malware Using Fake Flash Updates

Cybercriminals have found a new way of pushing malware to their victims' computers and installing XMRig, a Monero cryptocurrency mining program.

To achieve this, the cybercriminals are using fake URLs that deliver real Flash updates from the official Adobe installer. Furthermore, according to Brad Duncan, a cyber threat intelligence researcher at Unit 42, this time around the cybercriminals are pushing the updates and also installing Flash updates. Through their malware, the victim's Flash Player is updated to the latest version, making victims believe the update is real. In the background, however, the XMRig malware gets to work and starts mining Monero on the victim's computer.

How the Malware Is Spread

To entice their potential victims, cybercriminals are using legitimate Flash update installers from the Flash Player site. The updates reach victims' computers through pop-up notifications, and once they are installed the process is complete. According to Duncan's analysis, the Monero mining software will redirect part of your traffic to mine Monero virtual currency. Although the fake updates have been online since March, it was only in August 2018 that the attacks became rampant.

Monero Condemns the Attacks

In a bid to protect Monero enthusiasts from impersonators tarnishing its name through cryptojacking, Monero developers came up with the Monero Malware Work Group. Through the workgroup, users are provided with the resources and tools they need to protect themselves against such attacks. Apart from Monero, popular web browsers have stepped up the fight against cryptojacking. Brave and Opera are the most recent browsers to embed software that protects their users from such attacks. Similarly, Firefox, one of the established browsers, followed in the footsteps of Opera.

In the same fashion, researchers have discovered a botnet cryptojacking malware online. But instead of using its network to infect other computers, the botnet targets malware code and attacks it. Using a kamikaze attack technique, the botnet cryptojacking malware attacks the malicious malware and destroys the cryptojacking code. To achieve its purpose, the botnet malware carries out the research online and performs a kamikaze attack.

Cybercriminals have been devising new ways of attacking their victims, and with this recent one, which uses a stealth update, more users are falling into their traps. The cases are so rampant that McAfee's recent report shows a surge of 629% in the first quarter of 2018. Moreover, UK researchers have revealed that 59% of businesses in the UK are victims of cryptojacking activities.