Beware of Malware Infested Fake Flash Player for Android
One of the greatest advantages of choosing an Android device over an iOS equivalent is that Google's open source operating system plays nice with Adobe's Flash platform. Unfortunately, Flash doesn't always play nice with Android users, at least not when it's been mucked with. According to security firm Trend Micro, a fake Flash Player infested with malware is making the rounds on the Android platform. Most, if not all, instances trace back to a Russian website serving up the booby-trapped software.
"This webpage [where the fake Flash Player resides] is also found to be hosted on Russian domains, similar to the fake Instagram and Angry Birds Space apps that we previously reported," Trend Micro explains. "To further entice users into downloading the fake Adobe Flash Player app, the text on the webpage claims that it is fully compatible with any Android OS version.
"When users opt to download and install the said fake app, the site connects to another URL to download a malicious .APK file, which Trend Micro detects as ANDROIDOS_BOXER.A. ANDROIDOS_BOXER.A is a premium service abuser, which means it sends messages to premium numbers without the user’s permission, thus leading to unwanted charges."
Trend Micro claims to have found "a bunch of URLs that are hosted on the same IP" as the above mentioned website, and based on the naming scheme, it seems Android is fast becoming a favorite target for malware writers. As always, be extra cautious of what you download and where you download your apps, especially if you choose to grab software from untrusted locations.
"This webpage [where the fake Flash Player resides] is also found to be hosted on Russian domains, similar to the fake Instagram and Angry Birds Space apps that we previously reported," Trend Micro explains. "To further entice users into downloading the fake Adobe Flash Player app, the text on the webpage claims that it is fully compatible with any Android OS version.
"When users opt to download and install the said fake app, the site connects to another URL to download a malicious .APK file, which Trend Micro detects as ANDROIDOS_BOXER.A. ANDROIDOS_BOXER.A is a premium service abuser, which means it sends messages to premium numbers without the user’s permission, thus leading to unwanted charges."
Trend Micro claims to have found "a bunch of URLs that are hosted on the same IP" as the above mentioned website, and based on the naming scheme, it seems Android is fast becoming a favorite target for malware writers. As always, be extra cautious of what you download and where you download your apps, especially if you choose to grab software from untrusted locations.
