Android Marcher Variant Makes Rounds as Adobe Flash Player Update

Zscaler researchers discover a new variant of the Android Marcher malware, which aims to steal online banking credentials and credit card information.

Dark Reading Staff, Dark Reading

June 24, 2017

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A new variant of the Android Marcher malware uses pornographic enticements and new game hype to lure users to download a bogus Adobe Flash player, according to Zscaler researchers who discovered the latest variant.

Users are then asked to disable their security settings and allow third-party apps to install. Once the apps are installed, the malware removes its icon from the phone menu.

It then waits for the user to open one of over 40 targeted financial apps and then overlays a fake version of that financial website's login page. The malware then gleans the user's login credentials.

The financial sites the new Android Marcher variant is targeting includes TD Bank, Wells Fargo, PayPal, and others.

Read more about this latest Marcher variant here

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights