Remove Flashlight LED Widget Banking Trojan App - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

Remove Flashlight LED Widget Banking Trojan App

OFFER

SCAN YOUR MAC
with Combo Cleaner

Scan Your System for Malicious Files
Note! Your system might be affected by Flashlight LED Widget and other threats
Threats such as Flashlight LED Widget may be persistent. They tend to re-appear if not fully deleted. A malware removal tool like Combo Cleaner will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
Combo Cleaner’s scanner is free but the paid version is needed to remove the malware threats. Read Combo Cleaner’s EULA and Privacy Policy.

This article has been created to help you remove Flashlight LED Widget app that is actually malicious banking trojan that targets banking apps and may display phishing screens.

A remotely operated Trojan horse pretending to be a Flashlight application for Android devices has been reported to gain popularity and infect more devices. The trojan is able to display fake duplicate screens that appear to be the same as the ones on legitimate applications in order to intercept and steal information. This new type of phishing technique has been reported to be widely used and be the new trend in banking malware.

Threat Summary

Name

Flashlight LED Widget

TypeAndroid Banking Trojan
Short DescriptionUses a fake app to display duplicate login screens of legitimate applications and sniff out information this way.
SymptomsHaving an app, called Flashlight LED Widget.
Distribution MethodMalicious third-party apps or Google Play Store.
Protection Tool See If Your System Has Been Affected by Flashlight LED Widget

Download

BetterGuard

User ExperienceJoin our forum to Discuss El Gato Ransowmare.

Flashlight Banking Trojan – Distribution

One very important method of distribution used by the hackers who spread this trojan is by uploading seemingly legitimate widgets and apps on Google Play store with malware embedded in them. The apps themselves are not malicious and they may do as promised, however this particular Flashlight LED Widget connects to a command and control server of the cyber-criminals after requesting administrative permissions from the Android user. Such permissions even allow the app to hide it’s icon from the device, preventing it’s uninstall via this method.

Android Flashlight Banking Trojan – How Does It Work?

Once the app infects an Android device, the payload is contained in encrypted format within the APK package file which the victim installs from the Google Play store. This payload code is obfuscated and cannot be detected. But once the application is installed, the code is unpacked and unlocked.

The first thing this trojan does is to connect to the server of the cyber-criminal behind it, sending important details of the device. It also takes a snapshot on your front camera to see who you are.

What is interesting is that if the device detects the victim is from Russia or former Soviet Union countries, including Ukraine and Belarus, it shuts down. This tactic is believed to be performed because the attackers may claim afterwards they have not infected their own countries.

In addition to those activities, the fake Flashlight LED Widget malware also sends information in a HTML code which is displayed in WebView. This means that as soon as the affected user opens a new application, the application that is original is replaced with a duplicate screen that requests victims to enter their personal credentials such as their PayPal password and username, for example. Malware researchers at WeLiveSecurity have identified that there is difference between the legitimate and fake screen, even though it is minimal:

Source: WeLiveSecurity

But this is not all, the malware can also lock the screen on your phone, similar to what mobile ransomware infections, like El Gato Android ransomware(https://sensorstechforum.com/remove-el-gato-android-ransomware-restore-locked-devices/) does.

Remove Flashlight Widget Banking Malware from Your Android Device

In order to make sure that your device is safe, the first step that you should take is to change all of your passwords for the apps used on your Android device from another, safe device. Then, we advise you to backup your phone’s data and then follow the instructions below to factory reset it and reinstall all the Android APK components that are default, anew.

And in the future we advise you to use better protection against privacy invasive apps and malware, like BetterGuard, for example.

Note! Your computer system may be affected by Flashlight LED Widget and other threats.
Scan Your MAC with Combo Cleaner
Combo Cleaner is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as Flashlight LED Widget.
Keep in mind, that Combo Cleaner needs to purchased to remove the malware threats. Click on the corresponding links to check Combo Cleaner’s EULA and Privacy Policy.

Manually delete Flashlight LED Widget from your Mac

1. Uninstall Flashlight LED Widget and remove related files and objects
2. Remove Flashlight LED Widget – related extensions from your Mac’s browsers

Automatically remove Flashlight LED Widget from your Mac

When you are facing problems on your Mac as a result of unwanted scripts and programs such as Flashlight LED Widget, the recommended way of eliminating the threat is by using an anti-malware program. Combo Cleaner offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.


Download

Combo Cleaner

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...