Published on April 7th, 2017 | by admin
Fake Flash Player App scams users into paying for free app – ESET Discovery
ESET researchers have discovered another malicious Adobe Flash Player app tricking its victims into paying 19 USD for the app when the official version is free.
After ESET notified Google, the malicious app was removed from Google Play, but only after reaching 100,000-500,000 downloads since November 2016.
This time, the app, named F11, didn’t rely on ransomware or other harmful code, but instead on social engineering to trick users into paying for something that is usually free.
Please see below or visit the ESET blog for further details about this malicious app. Don’t hesitate to let me know if you’d like more information on this and malicious apps in general. Nick FitzGerald, Senior Research Fellow at ESET is available for interviews.
Although the app has been taken down from Google Play, the downloaded app is still running the scam if installed on a device.
Once downloaded, the app displays a tutorial with detailed instructions on how to download Flash Player. On that page, the user is directed to PayPal to pay 19 USD to buy the Flash Player app.
The operation then turns from an aggressive practice of providing users with overpriced and unnecessary advice to a pure scam of selling an item without having any right to do so. Only Adobe, the maker of Flash Player and owner of all rights associated with it can sell it to consumers – if they haven’t already made it available for free.
After payment is made for the app, the scam once again pretends to provide “something” in exchange for the victim’s money. Along with a link to a Flash Player installation tutorial – which is a set of several obvious tips – victims are prompted to install Firefox or Dolphin browser. These browsers support Flash Player by default as they contain the plugin for playing Flash content.
How to stay safe and get your money back
First and foremost, it must be noted that installing Flash Player on Android devices might be riskier than a user would think. Because of its countless vulnerabilities, Flash has proven to compromise any device’s security.
Those who want to have Flash installed at any cost on their mobile device should follow the recommendations by Adobe security experts at the request of ESET.
Adobe strongly advises that users only install and update the Flash Player via one of the following means:
- By downloading it from the Adobe Flash Player Download Centre https://get.adobe.com/flashplayer/
- By updating it only via the update mechanism within a genuine installation of the Adobe Flash Player that was installed via the Adobe Flash Player Download Center
- By installing or updating genuine versions of the Adobe Flash Player through the installation of Google Chrome for Windows, Macintosh, Linux and Chrome OS, and/or Adobe Flash Player installed with Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1
Finally, ESET Mobile Security automatically detects the malicious F11 app as Android/FakeFlash.F and prevents it from getting installed.
Advice from ESET Australia to avoid further malicious apps
“Users are aware that apps can carry harmful malware and ransomware code, however they don’t always realise that sometimes simply installing a payed app that is not delivering can also be a scam,” says Nick FitzGerald, Senior Research Fellow at ESET.
“There is no officially sanctioned Adobe Flash Player for Android, so if you have installed one, and been alerted that your version requires a paid update, you should install a security product and scan the whole device, especially if you have paid for the update, as you have been duped and most likely have something undesirable running on your device.”
“I would recommend that users download apps and updates only from trustworthy official stores and developers. The second step would be to have a detailed look at what the app offers, the reviews and what kind of access rights you are granting the app before downloading it. Finally, use a reputable mobile security solution for preventive protection,” concludes FitzGerald.