A fraudulent Adobe Flash installer package is a pathway to infection and potential financial losses by way of the Marcher Trojan.
Security firm Zscaler is warning about a new variant of the Android Marcher Trojan that is using Adobe Flash and adult content sites as a way to trick users into becoming infected and giving up financial information.
There are a lot of different vulnerabilities in Adobe Flash—in fact, Adobe just updated for 23 new vulnerabilities this week—but the new Android Marcher Trojan isn’t using an authentic version of Flash or exploiting vulnerabilities that Adobe has already patched. Rather, the Android Marcher Trojan uses a fake version of an Adobe Flash Player installer to infect users.
“The majority of the Marcher Trojan downloads that we are blocking in the cloud are from porn sites,” Deepen Desai, head of security research at Zscaler, told eWEEK. This appears to be a popular social engineering tactic where the user is prompted to install the Flash Player update to view the porn video and the attack cycle can start with an email or SMS.”
Submitted by: Arnfried Walbrecht