Malware tricking users into paying to install Adobe Flash Player keeps resurfacing on Google Play Store, according to security firm McAfee.
Though the malware is "short lived" and quickly removed from the search engine’s app store, hackers are said to simply rename the virus and upload it under a different account.
Daisuke Nakajima, a mobile malware researcher at McAfee, said: "Adobe Flash Player has been a boon to Android malware creators for a long time."
"These developers have taken advantage of Flash’s popularity to create premium SMS Trojans and droppers, as well as other types of malware."
Victims of the scam are said to be redirected to a webpage and asked to pay €5 through PayPal to install Flash Player, with those who fall for the trick sent a link to Adobe’s legitimate download site.
McAfee believes the webpages are hosted in Turkey or the US, with the app also advertising a tutorial for Flash Player that it never delivers.
"The scammer might claim that the installer app provides an ‘added value’ to automatically detect the version of the Flash Player appropriate to the user’s Android OS version," Nakajima said. "But this version identification is easy to do by checking Adobe’s download site."
Since victims must supply their name and email address it is also feared that they could be victim to further scams in the future.
"Users should be very careful about the sellers of products when using online payments, for example, by checking that the name and contact information of the company or seller is explicitly displayed and that the product is really what they want to buy," Nakajima said.
Google declined to comment when contacted by CBR.
