“Marcher” Malware Poses as Adobe Flash Player Update

By

If you’ve been keeping up with tech news, you probably already know how important it is to keep Adobe Flash Player always updated. By taking this step, you’ll download the latest security patches that Adobe provides and ensure you’re protected from all kinds of malware. But what if the update you’re installing is the one installing malware into your device?

This is exactly what’s been happening to users who have accidentally allowed Marcher to conquer their Android mobile phones. Marcher is a Trojan malware that targets Android users, and it’s found in infected apps that are downloaded from third-party sources. Most of these apps provide adult content as well as new and exciting mobile games.

Marcher works like this: when you try to download an infected app, you’ll receive a pop-up message telling you that your device’s Adobe Flash Player is outdated and that you’ll need to update it before you can get your app. It will then convince you to download and install a file called “Adobe_Flash_2016.apk”. What you won’t know, though, is that downloading this so-called “Flash Player update” will lead to the installation of Marcher in your device.

Once it’s installed in your phone, Marcher will register your device with its command and control (C&C) center and send over all relevant data about you and your phone usage. It will also hide itself from view so you won’t even know that it exists.

Marcher will wait until you open one of the financial apps that’s on its built-in list, which include Amazon, Chase, Citibank, American Express, and Wells Fargo. Once you do, it will overlay a fake page on the real page. You might think you’re simply logging into your favorite app, but what you’re actually doing instead is sending your login credentials to someone who might use them to steal your money and your identity.

What makes Marcher even more dangerous is that it doesn’t just hide itself from view — it also uses techniques that prevent it from getting detected by antivirus software. This means that, even if you have an antivirus program for your Android device, it’s still not an assurance that you’re 100 percent protected.

So what can you do to protect yourself from Marcher? First of all, avoid downloading apps from third-party stores — stick to the Google Play Store. Even then, make sure to read reviews from other people before downloading an app to get an overview of it. Of course, take note that Adobe Flash Player is no longer available from the Google Play Store, which means that you can’t officially download Flash Player updates and that you shouldn’t believe pop-ups telling you to do so.

Read this post to know why hackers often target Adobe Flash Player.

You may also like