Skip to main content
  1. Home
  2. Mobile
  3. News

New Android virus poses as an Adobe Flash Player update

Kyle Wiggers
By

android flash trojan 61435934 ml
Dennizn / 123RF
If you use an Android device and happen upon an update for Adobe Flash player, you’d best not download it. A new strain of malware posing as an innocuous software upgrade is spreading like wildfire via social media and compromised websites.

It looks legitimate enough to fool, at first. A malicious link directs unwitting users to a download page that instructs you to “upgrade” Adobe Flash, a browser plugin designed to run multimedia games and apps on the web. In truth, it downloads a malicious application called “Android/TrojanDownloader.Agent.Jl”.

Recommended Videos

A second message, which appears after several seconds has elapsed, falsely warns users that their device’s battery-saving mode has been disabled, and prompts them to toggle a switch to enable it again. Users who do so are redirected to the Android Accessibility settings page, where the malware overlays a fake “Saving Battery” option.

Related

If the fake option is toggled, the malware’s effectively granted permission to monitor actions, retrieve window content, and turn on device features at will. It will contact a remote server, sending the compromised device’s details and initiating the download of more apps, adware, and even spyware.

The damage can be difficult to undo. A false device lock screen prevents users from uninstalling the app. And even if it’s bypassed, removing the trojan from the Settings menu doesn’t remove any apps it installed surreptitiously.

Lukas Stefanko, an ESET malware researcher, told Neowin the best way to remove the trojan is to use a mobile security solution.

The best way to protect yourself is to avoid downloading and installing suspicious files from the internet. The malware’s references to Flash Player should be a tip off, too — Adobe discontinued support for the plugin on Android as a result of stability and security concerns.

The malware’s far from the first of its kind. “Gooligan,” an app which which can steal your Gmail account and authentication information, install apps from the Google Play store, rate them without consent, and install adware, infected more than one million devices last year. Another, “Humingbad,” which fraudulently injects third-party ads into applications, was detected on as many as ten million devices in July 2016.

Luckily, Google’s taking charge. At the recent RSA security conference in San Francisco on Wednesday, the search giant announced that Verify Apps, an Android security feature which automatically scans devices for viruses and malware, checked more than 750 million Android devices each day last year. And Google said it’s working with 351 wireless carriers to improve the time it takes to test security patches before deploying them to users.

Editors' Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
We finally know when Apple will announce its 2024 iPads
Official artwork for Apple event in May 2024.

(more…)

Read more
One of the biggest Oura Ring competitors just did something huge
The Ultrahuman Ring Air and the Oura Ring, resting on a table.

Ultrahuman, the maker of the Ultrahuman Ring Air, is making its way to U.S. production grounds. The company is setting up a production facility in Indiana, which will mark the first time a smart ring from Ultrahuman will be assembled from scratch on U.S. soil.

“The UltraFactory will offer an end-to-end production capability and is based on the company’s first operational model of such a facility in India,” the company says.

Read more
Best Verizon new customer deals: Galaxy S24, iPhone and more
Verizon logo on a smartphone screen in a dark room and a finger touching it.

If you’re in the market for one of the best phones, or any new phone for that matter, you’re going to need a good carrier. Verizon has long been one of the most popular options, as it boasts one of the most reliable networks in the United States. It offers some of the best cell phone plans out there, and for new customers Verizon also offers some pretty impressive discounts on new phones. In many cases this means you can brand new, recently released phones entirely for free when signing up with Verizon. And that’s the case right now, as we’re currently seeing some of the best Verizon new customer deals we’ve seen. You can pretty easily land a new iPhone, Samsung Galaxy phone, and Google Pixel for free, and we’ve got all of the details on how to do so. If that sounds enticing, read onward and start shopping the best Verizon new customer deals available right now.
Free iPhone SE (3rd Gen)

The 2022 release of the Apple iPhone SE is yours for free when you sign up for a new 5G data plan on Verizon -- no trade-ins required. It's the best small smartphone in our list of the best smartphones with a 4.7-inch Liquid Retina display, but it doesn't sacrifice performance as it's powered by Apple's A15 Bionic chip that's also found in the iPhone 13 line and pre-installed with iOS 15. The latest iPhone SE is equipped with a single 12MP rear sensor and 7MP selfie camera, which are boosted by Apple's software to enable better photographs.

Read more