Android Flash Player Malware Poses as APK File

Trend Micro researchers recently uncovered a new form of Android malware diguised as Adobe Flash Player for Android, in a manner similar to malicious apps posing as Android versions of Instagram and Angry Birds Space, both of which appeared last month.

“When users opt to download and install the … fake app, the site connects to another URL to download malicious .APK file, which Trend Micro detects as ANDROIDOS_BOXER.A,” writes Trend Micro’s Karla Agregado. “ANDROIDOS_BOXER.A is a premium service abuser, which means it sends messages to premium numbers without the user’s permission, thus leading to unwanted charges.”

“Both the website offering the fake app and the one from which the Trojan is downloaded are hosted on the same IP address — a Russian domain,” writes Help Net Security’s Zejlka Zorz. “‘Based on the naming alone used in these URLs, it appears that Android is a favorite target for cybercriminals behind this scheme,’ conclude the researchers.”

As Agregado points out, it’s always best to download apps from the Google Play store, where the official version of Adobe Flash Player 11 can be found.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles