If the words, “Adobe Flash,” don’t give you the heebie-jeebies, they should. The once-beloved media-player software is now synonymous with malware.
Flash has been hugely instrumental in bringing video to the internet. Unfortunately, at nearly a quarter-century old, it was developed at a time when “hacking” meant hitting a piece of wood with an ax, not a criminal remotely accessing your computer.
Flash has such a long, recent history of vulnerabilities and security patches that Adobe is phasing it out by 2020. Until then, hackers are going to exploit it.
Be careful, though. Hackers are exploiting you, too. If “Adobe Flash” gets your attention, hackers are trying to take advantage of you with a new malware called Invisible Man (or Andr/Banker-GUA).
It’s likely from Russia and is related to another malware know as Svpeng. It’s a clever hack that’s designed to trick you into giving hackers remote access to your Android smartphone and, ultimately, your bank account.
Bonus: Keep reading for two simple tips to protect your money!
Invisible Man: What You Must Know
Have you heard of keylogging? That’s when hackers trick you into giving them your private information, like usernames and passwords, by spying on the words you’re typing into your smartphone or computer.
In the case of the Invisible Man malware, which is affecting Android smartphones, they place a fake app over a real app, such as your bank account. The fake app will ask you to input information. Underneath that app is your banking app and, in reality, they’re tricking you into typing in your username and password.
This hack starts with the hackers checking your language settings. It will proceed as long as your smartphone isn’t set to Russian.
It then asks for permission to access your accessibility settings. These are found under Apps >> Settings >> Accessibility. They are designed to make it easier to use a smartphone if you have issues with vision, hearing or dexterity.
It exploits those accessibility settings to remotely install itself as your smartphone’s default messaging software. It then disguises itself as a legitimate app that is really accessing your bank account information. From there, the hackers drain your bank account.
Here’s what you must do: First, uninstall Flash from your smartphone. Second, make sure you are running a strong and reputable anti-malware software on your Android smartphone. There are several FREE anti-malware programs specifically for Android.