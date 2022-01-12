A piece of software that once was critically important to internet users has returned but with a nefarious purpose: to hack your device. If that rings an alarm in your head, be informed that it is a new malware campaign and this time it is leveraging the popularity of Adobe's Flash Player, which the company discontinued in 2020.

Hackers are now targeting Android users through a malware campaign that involves downloading Flash Player. A new "FluBot" distribution scheme tricks users into downloading a bogus Flash Player app infected with a dangerous banking trojan, according to PhoneArena. The link that urges users to download the APK file of Flash Player through a sketchy website was found to have come from people that you would blindly trust, such as your family, relatives, or close friends.

But do not blame them. It is their phone that is sending out these invitations to all their contacts. Once a phone is infected with the trojan, it gains unauthorised access to the contacts saved in it and sends them a link to download the Flash Player. That is how this distribution scheme works. And all of this happens under the nose of the user. You will not suspect a thing.

However, you should know that there is absolutely no reason to download an APK file from an untrusted website, even if it is a suggestion from someone you know. And moreover, if you have some knowledge about technology, you will know that Flash Player is as dead as it is. We all miss the beloved Flash Player and rightfully so, because it was an important part of our online lives. But video streaming technologies have become advanced over the past years, and Flash Player could do only so much. In any case, Adobe is still not desperate enough to send users links to the Flash Player, which has been dead since 2020.

Then what should you do in a situation like this?

Well, you should conveniently ignore these messages and links. FluBot is the culprit behind all the devices that were infected last year with malware that came from sources as benign as a phone security update, a parcel delivery notification, and notifications from other legit apps. But there is always something off in these prompts. If you pay more attention, you are more likely to notice them, but if you cannot, you should entirely ignore them.

These malware campaigns have a purpose and that is stealing your personal data to sell later or hijack devices for ransom. The purpose could also be spreading the virus or Trojan to a lot more devices. And you should prevent falling into that trap. Practice safe internet routines, and it involves downloading Android apps only from trusted sources, such as the Google Play Store.