A Trojan virus that poses as an Adobe Flash Player update is targeting Android smartphone users.
The malware can obtain login credentials from at least 40 different retail, social media and banking apps.
The deceptive software is the latest version of Marcher Android malware, which appeared earlier this year as a fraudulent version of “Super Mario Run” for Android devices.
Marcher developers have devised new ploys to lure in users, using links to new mobile games and adult-oriented content. The apps won’t be found in the Google Play Store, but on third-party sites.
Once a victim attempts to download an infected app, a pop-up window that requests to update the device’s Flash Player appears. If a person clicks, the malicious code will be delivered and the smartphone becomes infected.
Marcher will then disable security, remove its icon from the menu screen and wait for users to open an app from its list of targets, sending all of the device’s information to a command and control center.
The malware can produce fake login pages for popular third-party apps like TD Bank, Google, Yahoo, Chase Bank, Paypal, Citibank, Walmart, Amazon, Western Union, Facebook and more. The targets are programmed into its payload, but can be later modified by hackers.
Submitted by: Arnfried Walbrecht