If you’re in possession of an Android based device and frequent online banking services then perhaps you need to spend a few extra minutes of your time making sure that all of your private data is secure from people who might have malicious intentions.
A recent application masquerading as Adobe’s Flash Player has been making its way across the internet, the obvious targets being people who wish to install Flash on their handheld devices, it’s been a while since Adobe ended development for Flash on smartphones, tablets and by proxy, Smart TVs, this lead to quite a few Android users who could no longer access their favorite streaming services.
It uses a convincing icon and name to identify itself as Adobe Flash Player, once installed on your device the application has access to pretty much all of your device activity, targeting users in Australia, New Zealand and Turkey, the app pops up as an overlay on top of your banking applications, this isn’t limited to just banking applications as the malware also attempts to steal your Google account details.
Since the application is installed on your computer, it has access to all of your received text messages along with any login credentials you may have provided it with, this also allows the application to go through the 2-step authentication feature which most services, including Google have been using for the past few years.
2-Step authentication via SMS sends a text message to users with a freshly generated short number or an equally short alphanumeric key, users then use this key as a secondary security measure, ultimately requiring access to your smartphone if someone wishes to hack into any of your accounts, after installation, this malware basically receives any text messages and communicates with a server in real time to authenticate access to your account.
How to be safe from malware apps
Knowledge is power when it comes to living in the age of internet, by knowing that Adobe has stopped supporting Flash Player development for all Android devices, you already know that any application offering itself as a Flash Player is already quite shady, besides, with more websites and streaming services making the switch to HTML5, it’s only a matter of time until Flash is no longer needed.
On the other hand you should always be suspicious about the permissions you’re giving any app which you install, if you’re installing a Flashlight application, do ask yourself why exactly does it require permission to view your contacts, messages and even your GPS location, by simply using a bit of common sense, a lot of security breaches can be avoided.
These malware applications usually target people who prefer to skip important parts of the installation process, such as getting your Flash Player from a website other than Adobe’s or installing pirated applications which might be infected with malware and as a final tip, try and stick to official and recognized app stores.
Simply go to your phone’s Settings -> Security -> Device Administrators and remove Flash as a device administrator, there’s no reason for Flash to have administrative privileges, what you see here is simply the malware.
After removing it from device administrators, go to your Settings -> Applications and uninstall it.