Malicious App Disguised as a Flash Player That Steals Banking Credentials Home Categories Malware Malicious App Disguised as a Flash Player That Steals Banking Credentials 0 0 1.11K 2 10y ago 2016-03-14T00:53:21-05:00 10y ago 2016-03-14T00:57:02-05:00 Online Threat Alerts Mobile banking users should be aware of a malicious Android app that steals banking login credentials. The malicious banking app called "Android/Spy.Agent.SI," is a Trojan horse that was created by cyber-criminals, and disguised as a Flash Player to trick potential victims into downloading and installing it. The sophisticated banking Trojan or malware is able to create a fake login screen that will steal the potential victims’ online banking credentials and send it to cyber-criminals. The malicious app also has the ability to intercept SMS or text messages and can therefore, bypass SMS or Text Message two-factor authentication security feature, which was created to prevent access to online users’ accounts, even if their credentials (usernames and passwords) were stolen. It is important that Android users, who are asked to install Adobe Flash Player, only do so via the Google Play Store.installing Android apps from anywhere else can be dangerous.Cyber-criminals have created the following malicious websites that have the malicious banking Trojan:www.flashplayeerupdate.comwww.adobeflashplaayer.comwww.adobeuploadplayer.comwww.adobeplayerdownload.comwww.adobeupdateplayer.comwww.adobeupdateplayeer.comwww.adobeupdateflash11.comThe websites above should never be visited since they have the malicious Android file called “FlashPlayer.apk.” The malicious file should never be downloaded or installed. And, Android users should only download apps from the Google Play Store to protect them against malicious apps.How to Remove the Malicious Banking Android AppIn order to remove the malicious app, administrator rights must be disabled or deactivated first. Please see the instructions below:Go to “Settings”Select “Security”Select “Device administrators”Select “Flash Player”Select “Deactivate,” ignore the bogus message and choose “OK”.If you are prevented from carrying out the instructions above, please restart your mobile device in Safe mode and repeat the instructions above.Once the administrator rights have been removed, the malicious app can be removed using the following instructions:Go to “Settings”Select “App/Application Manager”Select “Flash Player”Select “Uninstall” Check the comment section below for answers or additional information. Share what you know, or ask a question about this article by leaving a comment below. Online Threat Alerts is not affiliated with or endorsed by any trademark owner mentioned in this article. Some of the information in samples in this article may have been impersonated or spoofed. Save + Was this article helpful? (2) (0) More For You Is workatshein.com a Scam Website? Is PowerSave a Scam? Power Save Devices Reviews Is Acidamide a Scam? See the Review of the Online Store Cash Net USA Scam and Fake Arrest Warrant and Lawsuit Fraud - 'Congratulations from Facebook' New Year Draw is a Lottery Scam Ted and Chris Dwite Confirmed Profits Binary Options Trading Software is a Scam 'Your Order Summary from 365 Electrical' Malware ACH Malicious Email - 'Blocked Transaction. Case No' 'www.homedesk.club' - A Fake Work-From-Home Website 'www.dollarsan.com' - A Fake Work-From-Home Website 'WhatsApp Free Ultra-Light Wifi Signal Feature without Internet' Scam Dropbox Phishing Scam - 'Please Confirm the Following Shipping Documents' 'Total Wipeout Tour' Events on Facebook are Like-Farming Scams 'www.shareduty.com' - a Fake Work-From-Home Website Comments / Answers Remove sensitive information from your post. Your IP address will be used to display your estimated location. Enter comment post here