Scammers disguise SMS trojan as flash player app

With Adobe no longer developing Flash player apps for Google's Android platform, scammers are exploiting the situation to spread malware disguised as Flash apps, a security vendor warned Wednesday night.

GFI Labs said Russian scammers have set up websites to fool users into downloading fake Flash Player apps to their Android devices.

"As of this writing, we’ve seen eight sites using Adobe’s logos and icons—all are linking to the same variant of OpFake Trojan disguised as the legit Flash Player for Android. All the Russian sites used different file names for their .APK files but they’re the same malicious variant," it said in a blog post.

Last Aug. 15 was the last day Adobe allowed users to download and install Flash Player for their Android devices. It is focusing on Flash for the PC browser and mobile apps bundled with Adobe AIR.

GFI said the scammers may be exploiting some Android users who were not aware of Adobe's decision.

Adware

Also, GFI noted an English website that also hosts a fake Flash Player file named adobeflashinstaller.apk, which is bundled with adware from a company called AirPush.

It said the adware is activated upon installation of the app and loads a screen where users can download more apps bundled with this adware.

"The app then loads a Home page containing instructions on how to get the fake Flash Player. Inexperienced smartphone owners would happily follow the step-by-step guide, not knowing that they’re actually rooting their smartphone devices," it said.

Once installed, the app connects to a forum post on XDA-Developers, a popular development community for smartphones and tablets, to download another .APK file.

The downloaded file is a hacked version of the actual Flash Player app.

"With a rooted device, future updates of this hacked app may grant or install new permissions users are not aware of," GFI warned.

The malware can start automatically in the background once the device is turned on or restarted.

"The only way to terminate it from running in the background is by manually doing a Force Stop from the Settings panel," it said. — TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • Viernes Santo in Kalibo VERA Files - The Inbox
    Viernes Santo in Kalibo

    Photos by Little Wing Luna, VERA Files Text by Mitch Meñez Kalibo, Aklan--Viernes Santo or Good Friday is the most solemn of all the days in Holy Week. It commemorates the Passion and Death of Jesus on the Cross. The … Continue reading → …

  • Hugas Dugo VERA Files - The Inbox
    Hugas Dugo

    Text by Kimmy Baraoidan, VERA Files Photos by Chris Quintana and Kimmy Baraoidan Pakil, Laguna--In the small town of Pakil, Laguna resides a group of men who call themselves Hugas Dugo. Most members of the group are residents of the … Continue reading → …

  • Lenten procession more than just a spectacle VERA Files - The Inbox

    Text and photos by Kiersnerr Gerwin Tacadena, VERA Files Baliuag, Bulacan--This town is hosting what could be the country’s biggest Lenten procession consisting of more than 100 religious statues riding on carriages or carrozas. But concerns are being raised that … Continue reading → …

POLL
Loading...
Poll Choice Options