Menu
Cybercriminals take advantage of Android Flash Player gap on Google Play

Cybercriminals take advantage of Android Flash Player gap on Google Play

Fake Android Flash Player installers hide malware and adware, security researchers say

Cybercriminals are trying to capitalize on Adobe's decision to stop distributing Android Flash Player to new users via Google Play by creating malware and adware apps that masquerade as Flash Player installers.

Since Aug. 15, Android users who didn't already have Flash Player installed on their devices could no longer obtain it from Google Play.

This is the result of Adobe's decision to phase out Android Flash Player in favor of Adobe AIR, a cross-platform runtime environment that enables developers to package native apps for different mobile platforms and devices.

"Of course, it's possible that some Android users have missed that deadline, so they venture on to other parts of the Internet in search of alternative download sites," Jovi Umawing, a communications and research analyst at GFI Software, said Wednesday in a blog post.

This is precisely what cybercriminals are counting on, as GFI's security researchers have already identified multiple SMS Trojan apps packaged as Flash Player for Android.

Most of these apps are distributed from third-party Russian app stores and websites. However, the company's researchers have also come across an English-language scam that tried to pass an adware app as Android Flash Player.

This particular piece of adware creates shortcut files on the home screen that lead to advertisements, displays ads via Android's notification bar every 15 minutes and sends information about the user's contacts to advertisers, Umawing said.

The rogue adware installer also downloads and installs a modified version of Flash Player from XDA-Developers, a legitimate online community of mobile developers.

"While [the modified Flash Player] is not malicious in itself, Adobe does not support it -- worse, it could cause some problems to the device," Umawing said. "With a rooted device, future updates of this hacked app may grant or install new permissions users are not aware of."

Researchers from security vendor Webroot have also noticed the wave of rogue apps masquerading as Android Flash Player that appeared on the Internet after Adobe decided to stop distributing the software through Google Play.

The fake Flash Player installers detected by Webroot's researchers consist of the same type of premium-rate SMS sending Trojan apps and adware that GFI's researchers observed.

For example, one particular app claiming to be Android Flash Player only installs a Flash Player icon that opens a page full of advertisements in the browser when clicked, Webroot security researcher Joe McManus said in a blog post on Thursday.

"These types of apps are annoying and really are meant to drive web traffic to sites so the developer can receive pay-per-click revenue, and in this case they deceive the customer into thinking they're getting a known productive app," McManus said.

Users who missed Adobe's deadline and still want to install Android Flash Player don't need to go looking for it on third-party app stores and other websites that they don't trust.

The latest version of the software is still available in Adobe's official Flash Player archive and can be downloaded from there. However, users who install it this way will not automatically receive future updates for critical bugs that Adobe will release via Google Play to existing users.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

New Zealanders kick-started EDGE 2018 with a bout of Super Rugby before a dedicated New Zealand session, in front of more than 50 partners, vendors and distributors on Hamilton Island.‚Äč

EDGE 2018: Kiwis kick back with Super Rugby before NZ session
EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018 kicked off with a dedicated New Zealand track, highlighting the key customer priorities across the local market, in association with Dell EMC. Delivered through EDGE Research - leveraging Kiwi data through Tech Research Asia - more than 50 partners, vendors and distributors combined during an interactive session to assess the changing spending patterns of the end-user and the subsequent impact to the channel.

EDGE 2018: Kiwis assess key customer priorities through NZ research
Show Comments