Maybe It’s Time To Quit Porn: Trojan Horse SlemBunk Installs Itself Via Porn Video Requests For “Flash Updates” By Staff Reporter | Jan 17, 2016 08:34 PM EST Avid fans of porn who also happen to use mobile payments apps better beware: An Android Trojan dubbed âSlemBunkâ by cyber security firm FireEye has been on the loose since December. The malware activates as soon as it detects that the user has opened a mobile payments app, and then tricks the user into giving it their personal details. In a report by PCWorld, the malware is deployed in several stages: 1. As the user is about to watch porn videos, a prompt to âupdate their Androidâs flash playerâ would appear. Most of the time, users would just happily download the âupdate,â as PCWorld points out. 2. The âflash updateâ can bypass mobile AntiVirus apps because the âupdateâ in itself does not contain malicious code. 3. The app then unpacks itself and generates new code and then installs the phishing app. 4. As soon as a mobile payment app is launched, SlemBunk inserts its own user interface (UI) on top of the app, to trick the user into giving it their credentials. 5. Goodbye, money. As you can see, the app is, indeed, a very sophisticated, systematic Trojan. âTrojansâ as malware were so named, because like the Trojan Horse of the Helen of Troy myth, it disguises itself as âbenign,â only to attack once itâs inside the system. Much like the Trojan Horse, which the citizens of Sparta and Greece sent to the kingdom of Troy, Trojans, the malware, needs the users to âlet it in.â Then when itâs âin,â it simply attacks from within. As you can see, by the way that the SlemBunk gets âlet inâ by the users themselves, then creates the main app that will do what its creators built it for, it is clearly a Trojan Horse malware and a sophisticated, systematic one at that. Given the fact that it needs the cooperation of the end-user, this reminds us, again, that end-users are always the gatekeepers of their own mobile computing security. Thereâs a bit of a snag for the SlemBunk Trojan, though "The Flash updateâ it requires that the user would sideload the app. So if the end-user is, at least, a little awake, a little vigilant, that should set off alarm bells and cause them to cancel the install. Never trust third-party applications in this day and age. Never tick that option to allow third-party installs, if you know whatâs good for you, either. Droid Reportâs advice? Donât download updates that arenât from the Google Play Store. Donât install third-party apps. Donât sideload apps. And the bottom line? Stop watching porn. According to a Mic article, watching porn shrinks your brain. So quitting porn a win-win thing, across the board, anyway. *** More on the SlemBunk Trojan via PCWorld: https://www.pcworld.com/article/3022426/android-banking-malware-slembunk-is-part-of-a-well-organized-campaign.html The original FireEye report, with coding notes for geeks and developers: https://www.fireeye.com/blog/threat-research/2015/12/slembunk_an_evolvin.html The Mic.com article that said that watching porn shrinks oneâs brain: https://mic.com/articles/132436/these-are-the-10-common-behaviors-that-are-actually-shrinking-your-brain#.nEuGZwGV4