March 9, 2016
A new Android trojan that’s being detected as Android/Spy.Agent.SI is targeting users for the purpose of stealing their banking and Google account credentials.
Security researchers from ESET say that the trojan is distributed via websites that advertise a Flash Player for Android devices. Adobe officially stopped developing a Flash client for Android in 2012, so this is an obvious trick to fool users into installing a dangerous APK on their system.
Once downloaded and the installation process started, the trojan will ask for admin rights. Giving it admin rights not only makes it much harder to remove later on but it also grants the trojan the access needed to carry out its attacks undisturbed.