14 DAY TRIAL // A malicious Adobe Flash Player scam app was found in the Google Play Store by security researchers and promptly removed by Google. Unfortunately, the app had been in the store since November 2016, managing to get somewhere between 100,000 and 500,000 downloads.
Dubbed F11, this app wasn't your typical downloader, ransomware or damage-doing tool since it did not contain any harmful code. It was, however, a social-engineering-based scam, tricking people into paying $19 for Adobe Flash Player.
Flash Player for Android has always been available for free and was actually discontinued back in 2012 due to its many security vulnerabilities.
"Factually, this is a scam. Legally, the crooks behind this operation tried to avoid the scam label. However, because of how they implemented their trick, it's safe to call it a scam," says Lukáš Štefanko, ESET malware researcher who led the investigation.
How does it work
Once someone downloaded the app, the app displayed a tutorial detailing how to download Flash Player, complete with a link. On that page, the user is directed to PayPal to pay $19 to buy Flash Player.
"The authors of this scam have gone a long way to make it appear as a legitimate business. For example, the app was listed in the educational section of the Play store. However, the shopping basket at PayPal reveals the true nature of the operation: the item in it is called Flash Player 11," Stefanko comments.
ESET notes that this is the place where the operation makes the turn from expensive and unnecessary advice to pure scam because they claim to be selling something they have no right to. Obviously, only Adobe has the right to sell Flash Player, and not even they asked money for it.
Once the payment is made, the scam seeks to provide something in exchange for the money, so a new page is displayed. There's a link to a Flash Player installation tutorial and extra tips that push users to allow app installations from third-party app stores, to install Firefox or Dolphin browsers on their devices and so on.
At the end of it all, people will be able to play Flash content on their devices, but that's not thanks to any tip they got from these folks, but rather to the browser they chose to install.
So, as a general rule, try to avoid installing suspicious apps. This one may not have had any malicious code, but others could have and could take control of your phone before you even realize that happens.
