A Fake Adobe Update Is Installing Malware on Users’ Devices

Oh boy, you guys….we’re getting into some really shady territory when it comes to new hacks. The more prepared our cybersecurity tools, the more inventive the hackers are getting. Recently,  a fake Adobe update filled with crypto mining malware has been making its rounds online. Why? Because it actually does update Adobe! Read on to understand why that is very dangerous.

Fake Adobe Update – The Story

Palo Alto Networks, a cybersecurity company, released a statement last Thursday regarding a new “trick” hackers are using.

Apparently, a new type of fake Adobe update has been making its rounds online since August 2018. What sets this fake update apart from its malware-infested counterparts is that this time, it actually does update Adobe Flash.

Usually, fake Adobe updates do nothing more than install malware onto the systems of targets. They’re not very stealthy and can be caught out easily. This is how easy it used to be to catch out a malware-ridden program:

You installed an update > The update didn’t work > Your system is starting to lag a little > You have malware.

This new fake update, however, complicates this process a little. Now, all you see is that you installed an update…and it worked. For the average user, this is more-or-less a guarantee that the malware will stay put for a long period of time.

“But wait, all systems have a way of warning you if the program you’re downloading isn’t from a trusted source!” you might be thinking.

That is true. However, Palo Alto Networks found that some fake Adobe updates have “borrowed the pop-up notifications of the official Adobe installer”. What that means is that your system won’t be able to tell the difference. For all intents and purposes, it will think that this update is official. You will not be warned.

Fake Adobe Update and Cryptojacking

Same as always, these kinds of fake updates are made to install malware on the systems of unsuspecting victims.

These deceptive updates are no different. According to Palo Alto Networks, the purpose of these updates are to cryptojack a target’s system.

Basically, the fake update will update Flash for you, but it will also install crypto mining programs on your system. This will use up your system’s processor mining cryptocurrencies for the attacker. Malware programs, like the XMRig cryptocurrency miner, will run silently in the background. If you don’t have an updated anti-malware program, you might never find out that your system is infested with malware.

How Do I Stay Safe?

According to both Palo Alto Networks and McAfee Labs, malware infestations are on a rise. The month of September, specifically, saw a huge jump in malware infestations.

In other words, it’s important now more than ever that you keep your system protected at all times. Here are a few steps you can take to make sure that you’ve got your defenses in place:

1. Only Download Programs from Official Sites: Do not, under any circumstance, download any program or software off of anything other than the official website for the program.
2. Make Sure You Read the Reviews: The internet is a global community. With a little research, you’ll be able to find so many reviews and discussions about almost any software/program you can use. Make sure to look through these reviews before you download the software.
3. Always Have an Anti-Malware Program: You need to have a credible anti-malware program updated and ready to use at any moment. Make sure that it’s updated, always. Check out our article on the best anti-malware programs you should use.
4. Use a VPN: Using a VPN will help you make sure that, even if your system gets infected with malware, none of your data can be stolen. Same as with any program, never use a free VPN and only go with credible and trusted providers, like ExpressVPN.
5. Uninstall Flash Player: Adobe Flash is not really a program that you want on your system. If you don’t specifically need Flash Player, uninstall it. It is and has always been, riddled with vulnerabilities and security risks. Again, if you don’t specifically need it you should uninstall it ASAP.

Fake Adobe Update – Final Thoughts

So, that’s the story of the new fake Adobe update that’s quickly crawling through the internet. Make sure to keep your defenses up while downloading or using software off of the internet. Stay as far away from free software as possible, and try to stay as informed as you can about what’s going on in the realm of cybersecurity.