Google Yanks Fake Angry Birds App and 21 Other SMS Scams from Android Market
Apps masquerading as legitimate third-party programs like Angry Birds, Cut the Rope, Tetris, Need for Speed, and others are part of a so-called "RuFraud" scam in which unknowing victims are charged premium SMS fees. This has reportedly been going on for the past few months, mainly in Europe, and it's something Google is cracking down on by removing offending apps from the Android Market.
Lookout, a mobile security firm in San Francisco, notified Google of 22 RuFraud apps, and then discovered a handful more. These initially consisted of horoscope apps with a well-hidden ToS disclaiming premium charges and only one option to continue, but have quickly spread to dozens of other types of programs. The scam appears to have originated in Russia.
"In the last week we have notified Google of 9 identical applications that were skinned to appear more appealing to potential users: three wallpaper apps for popular movies (including Twilight), and three apps purporting to be downloaders for popular games such as Angry Birds and Cut the Rope," Lookout said in a blog post. "Google responded quickly to our reports and pulled these apps from the Android Market. At the time of removal these applications had only been downloaded by a handful of users, and the severity of the threat was still very low."
More than a dozen additional RuFraud apps posing as free versions of popular games followed overnight and were also pulled, but not before the entire scam notched over 14,000 downloads, Lookout estimates.
Some believe the issue underscores a growing problem with the Android Market.
"The flexibility of the Android Market is great, but that comes at a potential price to security," David Emm, a security researcher for Kaspersky, told the U.K.'s BBC. "It will become a potentially bigger problem in the future. Android's market share is going up, and so is the number of malware-infected mobile software."
You can view a list of known RuFraud apps here.
Comments
m-p-3
December 14, 2011 at 11:29am
@big_montana
Even if they implemented some sort of heuristic scanning, detecting unwanted behavior from apps simply by looking at the code from an automated system is not an easy task, and the malicious developers can obfuscate or modify their code to avoid detection.
Most antivirus programs base most of their realtime detection on checksum comparisons of files that have been confirmed as malware. If someone creates a virus which isn't widespread and doesn't match a pattern behavior that is known to be a virus, it will not be detected.
And even the Apple approval system isn't perfect, since some apps, like a Flashlight app on the App Store, somehow managed to include a hidden tethering feature, which isn't allowed (source: http://www.macrumors.com/2010/07/20/flashlight-app-sneaks-tethering-into-app-store-for-now/).
There are flaws in every system, and unfortunately it is not possible to stop them all in a proactive way.
big_montana
December 14, 2011 at 11:05am
Why doesn't Google implement malware/spyware scanning of all apps added to the store, like Lenovo does for their Android market? Wouldn't that resolve most of these issues? Be proactive Google, not reactive!
Supall
December 14, 2011 at 10:50am
I'm glad there are at least watchdogs on the Android market. Popularity and flexibility allow these kinds of things to fester more. What I want to know is how Lookout catches these things. Do they have some poor soul whose job is to download apps every day and scan them?


















