Russian Android users are constantly targeted with Trojans posing as legitimate apps. Last month it was fake Instagram and Angry Birds Space apps, this time the lure is a bogus Flash Player for Android:
“When users opt to download and install the said fake app, the site connects to another URL to download a malicious .APK file,” Trend Micro researchers warn.
The file in question is a premium service Trojan that saddles users with unwanted charges.
Both the website offering the fake app and the one from which the Trojan is downloaded are hosted on the same IP address – a Russian domain.
“Based on the naming alone used in these URLs, it appears that Android is a favorite target for cybercriminals behind this scheme,” conclude the researchers.