
Usually just a minor annoyance, the Flash Player update can now result in a major ordeal


By Richard Arneson

It’s one (1) of the most common speed bumps on the Internet highway—the Adobe Flash Player update message. It’s unexpected and never welcome—a little like a tornado, but not quite that bad. It may not trump some of the other digital speed bumps, like the Windows update you have to sit through after you’ve hit “Shut Down” on your computer (you know, the one that usually occurs at 5:30 on Friday afternoon), but it still serves as one (1) of computing’s many figurative mosquitoes. But while the Flash update has only proven to be a minor annoyance, you can now place it in another category―crippling.
Palo Alto Networks, the Santa Clara, CA-based cybersecurity firm, discovered earlier this month that a fake Flash updater has been loading malware on networks since early August. Here’s the interesting part—it actually installs a legitimate Flash update. But before you think cyber attackers have gone soft, they’re downloading Flash for distraction purposes only. And while the update is taking place, another upload is occurring—the installation of a bot named XMRig, which mines a cryptocurrency named Monero. Once the install(s) are complete, the user, unbeknownst to them, begins mining Monero. And there you have it—cryptojacking.

Cryptojacking with XMRig

Once the phony Flash update is launched, the user is directed to a fake URL that, of course, isn’t connected to an Adobe server. After the Flash update is installed, XMRig accesses a Monero mining pool—and the fun begins. XMRig begins mining Monero from infected, networked computers as unknowing users merrily work along, completing their day-to-day tasks. Keep in mind that Monero is a legitimate form of cryptocurrency. Like Bitcoin for ransomware, Monero is the cryptocurrency of choice for cryptojacking. Monero’s website claims it is “the leading cryptocurrency with a focus on private and censorship-resistant transactions.” (Unlike Bitcoin, Monero doesn’t require the recipient to disclose their wallet address to receive payment(s).)
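One way to spot the miner-to-pool connection described above from the network side, as an added example that is not part of the original article: a Python check that flags cleartext Stratum-style JSON-RPC messages in captured TCP payloads. The message layout, the method names, the addresses and the sample payloads are assumptions constructed for illustration.

```python
import json

# Assumed "params" keys per method in Stratum-style JSON-RPC miner traffic.
REQUIRED_KEYS = {
    "login": {"login", "pass"},               # miner authenticates to the pool
    "submit": {"job_id", "nonce", "result"},  # miner returns a solved share
}
LIST_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}

def classify(line):
    """Return (method, agent) if one line looks like miner-to-pool JSON-RPC."""
    try:
        msg = json.loads(line.decode("utf-8", errors="replace"))
    except ValueError:
        return None                           # HTTP, TLS records, other non-JSON
    if not isinstance(msg, dict) or not isinstance(msg.get("method"), str):
        return None
    method, params = msg["method"], msg.get("params")
    if method in LIST_METHODS:
        return method, None
    required = REQUIRED_KEYS.get(method)
    if required and isinstance(params, dict) and required.issubset(params):
        return method, params.get("agent")
    return None

def scan(flows):
    """flows: (src, dst, payload bytes) tuples -> [(src, dst, method, agent)]."""
    findings = []
    for src, dst, payload in flows:
        for line in payload.splitlines():
            if (hit := classify(line)):
                findings.append((src, dst) + hit)
    return findings

# Constructed sample payloads (documentation addresses, placeholder wallet).
SAMPLE_FLOWS = [
    ("10.0.5.23", "203.0.113.10:3333",
     b'{"id":1,"jsonrpc":"2.0","method":"login","params":{"login":'
     b'"WALLET_PLACEHOLDER","pass":"x","agent":"XMRig/2.8.1"}}\n'),
    ("10.0.5.23", "203.0.113.10:3333",
     b'{"id":2,"jsonrpc":"2.0","method":"submit","params":{"id":"s1",'
     b'"job_id":"j1","nonce":"0a1b2c3d","result":"00ff"}}\n'),
    ("10.0.5.40", "198.51.100.7:80", b"GET /update HTTP/1.1\r\nHost: x\r\n\r\n"),
    ("10.0.5.41", "198.51.100.8:8080",
     b'{"method":"login","params":{"user":"alice","password":"pw"}}\n'),
]

if __name__ == "__main__":
    print(scan(SAMPLE_FLOWS))
```

Pool connections wrapped in TLS will not match a payload check like this, so pair it with egress filtering and host-level CPU monitoring.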

Let’s back up a bit—here’s how crypto mining works

It can be argued that cryptojacking has replaced ransomware as cyberattackers’ malevolent deed of choice. It’s important to remember, though, that cryptocurrency mining is legal—it’s how cryptocurrency works. Mining is the process of finding transactions, then adding them to a currency’s public ledger. The chain of transactions is called the block—hence the name blockchain.
A blockchain’s ledger isn’t housed in one (1) centralized location. Instead, it is simultaneously managed through duplicate databases across a network of computers—millions of them. Encryption controls and protects the creation of new coins and the transfer of funds, without disclosing ownership. The transactions enter circulation through mining, which basically turns computing resources into coins. Anybody can mine cryptocurrency by downloading open-source mining software, which allows their computer to mine, or account for, the currency. Mining solves a mathematical problem associated with each transaction, which verifies that the sender’s account can cover the payment, determines to which wallet the payment should be made, and updates the all-important ledger. The first one to solve the problem gets paid a commission in the particular currency it’s mining.
In cryptocurrency’s nascency, the computing power needed was minimal. Basically, anybody could do it. Now the computing power needed to mine cryptocurrency is considerable, with miners requiring expensive, purpose-built, super powerful computers to do so. If they don’t have that, they can forget making decent miner money. But building enough computing resources needed to profitably mine cryptocurrency today is expensive, often cost prohibitive. In cryptojacking, however, the cyber attackers network together infected computers and utilize their computing power without spending a dime. In turn, the victim’s infected computer is busy surreptitiously mining cryptocurrency and slowing to a crawl. The bad guys enjoy pure net revenue.
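The cost asymmetry behind that free computing power, as an added example that is not part of the original article: a simplified hash puzzle in Python in which finding a solution takes many hash attempts while checking one takes a single hash. SHA-256 and the leading-zero-bits target are stand-ins chosen for illustration (Monero's own proof-of-work function is different), and the block contents are constructed.

```python
import hashlib

# Constructed stand-in for a block of pending transactions.
BLOCK = b"alice->bob:5;carol->dave:2"

def leading_zero_bits(digest):
    """Count the zero bits at the front of a hash digest."""
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def puzzle_hash(block, nonce):
    """Hash the block together with a candidate nonce."""
    return hashlib.sha256(block + nonce.to_bytes(8, "big")).digest()

def verify(block, nonce, difficulty_bits):
    """One hash is enough to check a claimed solution."""
    return leading_zero_bits(puzzle_hash(block, nonce)) >= difficulty_bits

def mine(block, difficulty_bits):
    """Brute-force nonces from 0; return (winning nonce, hashes computed)."""
    nonce = 0
    while not verify(block, nonce, difficulty_bits):
        nonce += 1
    return nonce, nonce + 1

if __name__ == "__main__":
    # Each extra difficulty bit doubles the expected number of hashes.
    for bits in (8, 12, 16):
        nonce, hashes = mine(BLOCK, bits)
        print(f"{bits} zero bits: nonce={nonce}, hashes={hashes}, "
              f"expected about {2 ** bits}")
```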

Got questions? Call on the Security experts

To find out more about cryptojacking, ransomware, malware, Trojans, and the host of security-related issues your organization needs to consider and fend off, contact GDT’s tenured and talented security analysts at From their Security- and Network Operations Centers, they manage, monitor and protect the networks of some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.
Get more information about network security here:
Gen V
Sexy, yes, but potentially dangerous
Tetration—do you know its meaning?
Rx for IT departments—a security check-up
How to protect against Ransomware

