Advanced Installer Misused to Drop Crypto-Mining Malware
- An official Windows tool, Advanced Installer, is being used for insidious purposes since November 2021.
- Threat actors are exploiting this tool to discreetly package crypto-mining malware with legitimate software installers.
- Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro were among the infected software.
From Bona Fide Tool to Bane
No, we’re not talking about Batman’s nemesis here, but something quite as menacing: Advanced Installer, a trustworthy Windows tool created for making software packages, has been playing the villain since at least November 2021. And it’s not planning a heist; rather, it’s been co-opted by nefarious actors to bundle malware with authentic software installers. Imagine this like mixing pop rocks with spinach smoothies, with the malware being the unwelcome surprise… only much, much worse.
A Creative Blend of Legitimate and Malicious
Talk about a dubious cocktail served with a nefarious twist. Threat actors have been playing bartender, mixing in malicious scripts with popular software installers such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro. But instead of a cheeky hangover, users find themselves hosting an uninvited guest – a cryptocurrency-mining malware. Now, that’s a party crasher with a bad taste.
In what seems to be straight from a tech-themed episode of “Twilight Zone,” the respectable Windows tool, Advanced Installer, has been wielded inappropriately since November 2021. Cyber threat actors have been using the tool to craft a harmful blend of legit and malicious, packaging crypto-mining malware with well-known software installers such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro.
So, the next time you’re downloading updates for these popular software, remember to be on the lookout for potential party crashers. After all, no one likes unexpected mining operations happening in their backyard (or in this case, their computer).