Fake Android Flash Player App Targets Banks, Social Media

07 Nov 2016
by David Jannetta
Comments are closed

Over the weekend the International Business Times reported on a new Android malware that can steal the login credentials from 94 different mobile banking apps around the world.

According to Kai Lu, a security researcher at Fortinet, users who actively use banking applications on their mobiles need to remain cautious and beware of this new malware campaign.

She notes that “the malware masquerades as a Flash Player app that, once installed, appears in a phone launcher. If a phone owner launches the app they see a fake Google Play screen asking for permissions that grant the malware administrator rights. Then, when a banking app is opened, the malware creates a fake overlay, tricking victims into entering their login credentials.”

Among the 94 bank apps being targeted are those of NAB, ING Direct and Citi, Santander, Coinbase, American Express, PayPal, Deutsche Bank, Credit Karma and Wells Fargo

In addition, the malware is also taking aim at social media apps. When users launch Facebook, Whatsapp, Snapchat, Twitter, Instagram, Skype, and more, they are faced with a screen overlay asking for payment card details.

Users can disable the device administrator rights through their phone settings and then uninstall the fake Flash Player.

We have notified our banking and social media clients of this issue. If you would like to learn about our services to brand owners, please drop us a note.

IP Lasso © 2019  - Privacy  - Terms