Fake Flash Player, Laden with Malware, Making Rounds

Scammers have already begun to take advantage of Adobe’s recent decision to remove its Flash Player from Android’s Google Play marketplace. Last week’s removal has prompted scammers to start promoting fake versions of the software to unsuspecting smartphone owners. While researching the scamware, security firm GFI Labs uncovered a separate fake version of the Flash Player that’s not only bogus but an SMS Trojan that comes bundled with adware.

Android securityScammers have already begun to take advantage of Adobe’s recent decision to remove its Flash Player from Android’s Google Play marketplace. Last week’s removal has prompted scammers to start promoting fake versions of the software to unsuspecting smartphone owners. While researching the scamware, security firm GFI Labs uncovered a separate fake version of the Flash Player that’s not only bogus but an SMS Trojan that comes bundled with adware.

According to a post on the company’s blog, the app named ‘adobeflashinstaller.apk’ comes replete with adware from the mobile ad network AirPush. Once installed, the app tricks users into following a series of steps to root their phone before downloading another .APK file. This file, hosted on a XDA-Developers forum post, is a hacked version of Adobe’s Flash Player app. While the app isn’t necessarily malicious, it’s not authorized by the company, meaning it’s possible the app could grant or install permissions without the users’ knowledge further down the line.

Meanwhile, the app’s adware leads to the installation of advertisements on the phone. If the user tries to deletes them, the adware will simply add more of them. The adware also will change the users’ home page; send pop-up ads to the phone’s status bar every fifteen minutes and even read and send the users’ phonebook contacts to advertisers.

Adobe ceased development on Flash Player for Android on August 15 after announcing it was shifting its focus to AIR, a runtime environment that allows apps that utilize Flash to run on devices natively. Adobe added that the current version of Flash Player as it stands may exhibit “unpredictable behavior” when the next version of Android, Jelly Bean, is further rolled out.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.

Discussion

  • Anonymous on

    Suggested you could have included a link or single sentence on what people who want the current flash player should do now, or go to get the current one, etc - or is AIR now out etc? All you've done now is basically tell people, no more flash on driod until Adobe can be bothered to get out of bed ...

  • Independent on

    Geez... What a BUST for Googles Android, again. The first thing I see when I hear or think of my Google Android Expensive tablet is; a featherless chicken runing aimlesly through fox heaven. If I could dump this thing for a quarter of what I bought it for 4 months ago, I would leave skid marks on my driveway... I don't think there's much any Internet Security provider can do to protect Googles Android. How do you keep flies of stinking spit? In my opinion, Android is the biggest piece of malware ever foisted on the pubic. The news constantly supports my observation. At least Apple vets its apps! I'm NO Apple fan. They seem to have it all over Android. Very unhappy Android victim.

     

     

  • bassbelly on

    WEll my lap top (this lap top) is virtually lost to me! Trojans, ad ware, even my android is running bogus flashe player ++. I'm past fighting these scum bags. they just beat me and I'm laying down!

    My password is changed every day on my 3 emails. gmail, yahoo, FB to by someone or something?

    No  one really want's to help, certainly not the service providers. After 10 years my wifes HMail has gone. MS cannot get it back. HM didn't even say sorry. Everyone want to sell us crap like this. Free! yeh! 80MB and you still have nothing to fight with. Everyone wants money! Some of us pensioners don't have money and cannot understand what's going on. An invisible thief came and took away what little social life we had. Our love, help advice and even our poems, and songs we shared are gone, and so are our friends now! How do we cope with this? Where do me find the emotional energy at out age?

    I do know a Canadian Phamacutics company send me a lot of mail!¡. The Bastards!

    rememeber I cannot read my emails anymore so???

  • Anonymous on

    Any time you let the public be able to make apps you open yourself up to infections, however you also allow alot more innovation, closing your doors like apple does stifles innovation, What needs to be done is a better way of screaning the apps in android, thier bouncer program does a halfway decent job but something else needs to be done. I am sure google will figure out something.

  • Anonymous on

    Friends.. every problem had its own solution, when you are enjoying the thing think that there is envy of other,who is trying to mislead, or distruct the things without knowing the unknown..what we had to do is think twice before we purchase anything and do perfect maintaince everyweek.. check the appropriate which is important and also check the sensible matters.. becoz  the world is big enough to provide and as well for capture any electronic things... to gain money

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.