
Attackers use fake Google Play apps to trick users

Many Android malware authors disguise their apps as legitimate, useful software to convince users to download them. To do this, attackers give the application an attractive name and a fake description that does not match its actual functionality. ESET specialists discovered eight such fake apps on Google Play that promised to increase the number of subscribers to users' social network accounts. Our AV products detect these apps as Android/Fasurke.


The applications were available on the Google Play store for more than four months and collected from 250K to 1M views. After we contacted Google, the Android security team removed all of them from Play. Although these applications no longer pose a danger to Android users, we are publishing the details of their analysis because similar applications may appear on Play in the future.


Fig. Icons of fake applications that were posted on Google Play.

These eight applications promised users more subscribers, friends, or views of their posts on social networks. Their real goal is entirely different: to lure users into purchasing paid subscriptions, giving out their personal data, and consenting to the display of advertisements.


Fig. An example of a fake application.

The “check” shown in the picture above was just a cover for offering the user an endless series of gifts, coupons and free services. The application also collects the user's personal data, asking for name, email address, address, phone number, date of birth and gender. Users were also offered subscriptions to special paid SMS campaigns costing about 4.8 euros per week.


Fig. One of the applications offers users a paid subscription.


Fig. The application lures the user to subscribe to phone calls and advertising messages.

In fact, this “verification step” is an endless process of displaying advertisements in order to get as much money as possible from the user.


Fig. Ratings and reviews of one of the fake applications.

All of these applications have a large percentage of low ratings and extremely negative comments. Despite this, their installation statistics show hundreds of thousands of installs.

Conclusion


The applications our experts discovered on Google Play do not perform the functions declared by their authors; that is, they do not increase the number of followers of a user's social network account. Instead, they display an endless series of promotional offers that try to push the user into subscribing to a paid SMS service and into giving up personal information.

The following recommendations will help you avoid installing malicious Android applications:

Source: https://habr.com/ru/post/312028/

