A Trojan virus that poses as an Adobe Flash Player update is targeting Android smartphone users.
The malware can obtain login credentials from at least 40 different retail, social media and banking apps.
The deceptive software is the latest version of Marcher Android malware, which appeared earlier this year as a fraudulent version of “Super Mario Run” for Android devices.
Marcher developers have devised new ploys to lure in users, using links to new mobile games and adult-oriented content. The apps won’t be found in the Google Play Store, but on third-party sites.
Once a victim attempts to download an infected app, a pop-up window that requests to update the device’s Flash Player appears. If a person clicks, the malicious code will be delivered and the smartphone becomes infected.
Marcher will then disable security, remove its icon from the menu screen and wait for users to open an app from its list of targets, sending all of the device’s information to a command and control center.
The malware can produce fake login pages for popular third-party apps like TD Bank, Google, Yahoo, Chase Bank, Paypal, Citibank, Walmart, Amazon, Western Union, Facebook and more. The targets are programmed into its payload, but can be later modified by hackers.
Here’s a full list of the infected apps:
Applications infected with malware are becoming problematic for Android app developers and consumers. As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are easier to infiltrate than iOS-based devices.
The Google-developed operating system is “more open and adaptable,” which makes it easier to infiltrate than Apple’s operating system.
To avoid Marcher, Android smartphone owners should refrain from downloading and installing apps from unknown sources, even if they’re featured in the Google Play Store. Reading user reviews is also helpful – apps that show suspicious behavior will often have low ratings.
Additionally, keep mobile devices updated and install security apps to protect against unwanted infections.