Scammers disguise SMS trojan as flash player app

With Adobe no longer developing Flash player apps for Google's Android platform, scammers are exploiting the situation to spread malware disguised as Flash apps, a security vendor warned Wednesday night.

GFI Labs said Russian scammers have set up websites to fool users into downloading fake Flash Player apps to their Android devices.

"As of this writing, we’ve seen eight sites using Adobe’s logos and icons—all are linking to the same variant of OpFake Trojan disguised as the legit Flash Player for Android. All the Russian sites used different file names for their .APK files but they’re the same malicious variant," it said in a blog post.

Last Aug. 15 was the last day Adobe allowed users to download and install Flash Player for their Android devices. It is focusing on Flash for the PC browser and mobile apps bundled with Adobe AIR.

GFI said the scammers may be exploiting some Android users who were not aware of Adobe's decision.

Adware

Also, GFI noted an English website that also hosts a fake Flash Player file named adobeflashinstaller.apk, which is bundled with adware from a company called AirPush.

It said the adware is activated upon installation of the app and loads a screen where users can download more apps bundled with this adware.

"The app then loads a Home page containing instructions on how to get the fake Flash Player. Inexperienced smartphone owners would happily follow the step-by-step guide, not knowing that they’re actually rooting their smartphone devices," it said.

Once installed, the app connects to a forum post on XDA-Developers, a popular development community for smartphones and tablets, to download another .APK file.

The downloaded file is a hacked version of the actual Flash Player app.

"With a rooted device, future updates of this hacked app may grant or install new permissions users are not aware of," GFI warned.

The malware can start automatically in the background once the device is turned on or restarted.

"The only way to terminate it from running in the background is by manually doing a Force Stop from the Settings panel," it said. — TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • The other side of Palawan Ellen Tordesillas, Contributor - The Inbox
    The other side of Palawan

    By Ellen T. Tordesillas Mention Palawan and what comes to mind are  Underground River and El Nido in the northern side of this richly-blessed province from its capital, Puerto Princesa. Three  weeks ago, we went to the southern side- in … Continue reading → …

  • What can void a new car warranty? James Deakin - Wheel Power
    What can void a new car warranty?

    "I was denied warranty once for changing my horn!" One very annoyed reader wrote. "I was told that placing a backup camera will void my warranty" said another. The others are best left in my private inbox as Yahoo! have a swear jar in the office that I do not feel like donating this week's pay to. Continue reading → …

  • Docu exposes destruction of PH marine resources VERA Files - The Inbox
    Docu exposes destruction of PH marine resources

    By Kiersnerr Gerwin Tacadena, VERA Files "Gutom (hunger)," Sen. Loren Legarda said is what’s in store for the Filipino people if destruction of the country's marine resources is not stopped. Legarda, chair of the Senate committee on Environment and Natural … Continue reading → …

POLL
Loading...
Poll Choice Options