Cybercriminals take advantage of Android Flash Player gap on Google Play
Fake Android Flash Player installers hide malware and adware, security researchers say
IDG News Service - Cybercriminals are trying to capitalize on Adobe's decision to stop distributing Android Flash Player to new users via Google Play by creating malware and adware apps that masquerade as Flash Player installers.
Since Aug. 15, Android users who didn't already have Flash Player installed on their devices could no longer obtain it from Google Play.
This is the result of Adobe's decision to phase out Android Flash Player in favor of Adobe AIR, a cross-platform runtime environment that enables developers to package native apps for different mobile platforms and devices.
"Of course, it's possible that some Android users have missed that deadline, so they venture on to other parts of the Internet in search of alternative download sites," Jovi Umawing, a communications and research analyst at GFI Software, said Wednesday in a blog post.
This is precisely what cybercriminals are counting on, as GFI's security researchers have already identified multiple SMS Trojan apps packaged as Flash Player for Android.
Most of these apps are distributed from third-party Russian app stores and websites. However, the company's researchers have also come across an English-language scam that tried to pass an adware app as Android Flash Player.
This particular piece of adware creates shortcut files on the home screen that lead to advertisements, displays ads via Android's notification bar every 15 minutes and sends information about the user's contacts to advertisers, Umawing said.
The rogue adware installer also downloads and installs a modified version of Flash Player from XDA-Developers, a legitimate online community of mobile developers.
"While [the modified Flash Player] is not malicious in itself, Adobe does not support it -- worse, it could cause some problems to the device," Umawing said. "With a rooted device, future updates of this hacked app may grant or install new permissions users are not aware of."
Researchers from security vendor Webroot have also noticed the wave of rogue apps masquerading as Android Flash Player that appeared on the Internet after Adobe decided to stop distributing the software through Google Play.
The fake Flash Player installers detected by Webroot's researchers consist of the same type of premium-rate SMS sending Trojan apps and adware that GFI's researchers observed.
For example, one particular app claiming to be Android Flash Player only installs a Flash Player icon that opens a page full of advertisements in the browser when clicked, Webroot security researcher Joe McManus said in a blog post on Thursday.
"These types of apps are annoying and really are meant to drive web traffic to sites so the developer can receive pay-per-click revenue, and in this case they deceive the customer into thinking they're getting a known productive app," McManus said.
Users who missed Adobe's deadline and still want to install Android Flash Player don't need to go looking for it on third-party app stores and other websites that they don't trust.
The latest version of the software is still available in Adobe's official Flash Player archive and can be downloaded from there. However, users who install it this way will not automatically receive future updates for critical bugs that Adobe will release via Google Play to existing users.
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Improve Your Mobile Application Security with IBM Worklight IBM® Worklight helps organizations extend their business across multiple mobile devices. It provides an open, comprehensive and advanced mobile application platform to help...
- Top 3 Iron-Clad Reasons Why File Sync/Share is Not Endpoint Backup Employees unknowingly create corporate data security risks by adopting these easy-to-use, personal applications. Read this executive brief to learn more.
- Security Technologies for Mobile and BYOD With so many security technologies available, how do you sort through the options and pick the solutions that will really work for your...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Mobile Security White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!