Beware: Malware Installed in Fake Software Updates
In our current environment of hacks, breaches and viruses, it’s standard operating procedure to install all software updates as soon as you receive them. Unfortunately, this practice has created a new opportunity for scammers to sneak in malware.
Recent cases have involved fake Flash updates. When a user accepts a prompt to update to a new version of Flash, a cryptocurrency miner called XMRig is installed along with it. Unlike other types of malware, this strategy actually installs the new Flash update, so the user might not detect unusual activity. Meanwhile, XMRig works undetected in the background, using the computer’s resources to generate a popular privacy-focused cryptocurrency called Monero.
Malicious cryptomining, also known as cryptojacking, is the act of hijacking another computer’s CPU/GPU processing power to mine cryptocurrency. Cryptomining requires a constant internet connection and consumes loads of electricity, causing a computer to overheat to the point of damage and data loss. That’s why cybercriminals push the work onto other people’s computers. By concealing a cryptomining application within a common upgrade, the hacker can continue to use the hijacked computer’s resources without the owner’s knowledge.
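One way to spot a miner that arrived this way, shown as an added example that is not part of the original article: the sketch below checks process snapshots for miner indicators in the name or command line and for sustained high CPU use. The process data, pool address and thresholds are constructed assumptions for illustration.

```python
import re

# Strings that commonly appear in a miner's name or command line. The
# stratum pool scheme survives even when the binary itself is renamed.
INDICATORS = re.compile(r"xmrig|stratum\+(tcp|ssl)://|--donate-level", re.I)
CPU_THRESHOLD = 80.0   # percent; assumed cut-off for "busy"
MIN_BUSY_SAMPLES = 3   # assumed number of consecutive busy polls

# Constructed samples: (pid, name, command line, CPU % at each poll).
SAMPLES = [
    (412, "chrome.exe", "chrome.exe --type=renderer", [35.0, 90.0, 12.0, 8.0]),
    (977, "FlashPlayerUpdate.exe",
     "FlashPlayerUpdate.exe -o stratum+tcp://pool.example:3333 -u WALLET",
     [96.0, 97.5, 95.0, 98.0]),
    (1204, "svchost32.exe", "svchost32.exe --quiet", [88.0, 91.0, 93.0, 90.0]),
    (1550, "backup.exe", "backup.exe --nightly", [85.0, 20.0, 84.0, 15.0]),
]

def longest_busy_run(cpu_history, threshold=CPU_THRESHOLD):
    """Length of the longest run of consecutive samples above threshold."""
    best = run = 0
    for value in cpu_history:
        run = run + 1 if value > threshold else 0
        best = max(best, run)
    return best

def flag_miners(samples):
    """Return {pid: [reasons]} for processes that look like cryptominers."""
    findings = {}
    for pid, name, cmdline, cpu_history in samples:
        reasons = []
        match = INDICATORS.search(f"{name} {cmdline}")
        if match:
            reasons.append(f"indicator:{match.group(0).lower()}")
        # A renamed miner with no telltale strings still pins the CPU.
        if longest_busy_run(cpu_history) >= MIN_BUSY_SAMPLES:
            reasons.append("sustained-cpu")
        if reasons:
            findings[pid] = reasons
    return findings

if __name__ == "__main__":
    for pid, reasons in flag_miners(SAMPLES).items():
        print(pid, ", ".join(reasons))
```

A process flagged only for sustained CPU use is a lead to investigate, not proof of mining; legitimate jobs such as video encoding look the same.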
Security Pitfalls
This strategy reveals the importance of staying on top of software and computing issues, and recognizing that not all security apps are effective. Some are even complete frauds, designed only to infiltrate your system – so it’s very important to vet any ad-blockers or other downloads before installing them.
In some cases, the security software can create vulnerabilities, doing your computer more harm than good. For example, applications might require access to your personal information, such as browser history, personal files and unique identifiers, to function. The software may need some of this information to run properly, but it also could be collecting more data than necessary for the purpose of selling a profile of you as a user.
Also be aware that not all security tools are equal. Some might detect and block different strains of malware, but not all of them. This can give you a false sense of security when, in fact, your computer is still vulnerable. A study conducted in 2017 revealed that it was not all that difficult for a seasoned software designer to create malware that could bypass 95 percent of antivirus tools for Android.
While virtual private networks (VPNs) are designed to establish a secure connection through a remote server, another study found that nearly one-fifth of mobile VPN apps did not encrypt user traffic at all.
Recognize that the app industry is not highly regulated, so security software available in app stores may not work as well as its developers claim. It could have limited application and may not be updated regularly to prevent infiltration by hijackers. Or, a cybercriminal may even purchase the software and gain access to its users in order to harvest personal information or disseminate malware through future updates.
To help protect your electronic devices from malware and other cyber breaches, consider the following tips.
- Download apps and updates from well-known app stores, which do a better job of vetting developers.
- Don’t go crazy installing every cool app you see. Stick to a few that you use most often.
- If you get a notification to download a new update, go to the software vendor’s own website to verify it and install from there.
- Be diligent about keeping your operating system updated.
- Don’t click on links from untrusted sources.
Finally, choose antivirus software from a well-known vendor. Read its product description and online reviews. Be sure you understand what it does as well as what it doesn’t do. Also consider what type of permissions it requests and whether or not they make sense. Once installed, be sure to keep the software updated as required.