Cybercriminal schemes involving fake copies of Flash Player are not uncommon. However, security researchers from F-Secure have come across an interesting one.
It all starts with a piece of malware designed to target Android devices. Once the threat infects a device, it drops a couple of “Flash 11” installers.
When the installers are executed, an “instant download” screen is displayed. However, users are asked to pay $5 (€3.6) via PayPal to get the app.
Flash Player is free, so paying $5 (€3.6) for it is clearly not recommended. It’s also worth noting that Adobe discontinued Flash on Android back in August 2012, so any website that offers the app should be treated with suspicion.
In addition to Flash Player, the cybercriminals that run this scheme are also trying to trick users into paying for a YouTube MP3 downloader and the Flappy Birds game, which has been recently pulled from official app stores.