Malware Targets Android Market with Fake “Angry Birds”, “Cut the Rope” and More
Google Inc. has pulled 22 apps that are masquerading as legitimate versions of popular games like Angry Birds and Cut the Rope.
The fraudulent apps would install a premium rate SMS Trojan that would rack up hidden charges on the user's phone bill. The apps would lure customers into clicking on options that would send text messages to premium line numbers leaving the user to foot the bill. According to Lookout Mobile Security, the new threat called RuFraud has been found in an initial batch of apps on the Android Market that include horoscope apps, wallpapers, and game apps that pretend to be legitimate games like Angry Birds.
The apps have already been downloaded tens of thousands of times and have mainly affected users in Europe.
"It appears that these apps may have reached a broader audience while published to the market: we estimate upwards of 14,000 downloads of these apps," Lookout wrote on its official blog.
Google pulled the initial batch of piracy apps from the Android Market but more reappeared over the weekend as free versions of popular games. Sophos, another mobile security firm said the apps came from developer Logastrod. The developer made copies of many popular games and installed a Trojan program in them.
"The attacker created at least a dozen copies of the most popular games and published them as a free version after adding code to send SMS messages to premium line numbers," Sophos principal virus researcher Vanja Svajcer wrote on the Sophos official blog.
The fake games would ask permissions from users to "send SMS messages", "read SMS or MMS messages" and even "modify/delete SD card contents."
The fake apps include "Cut the Rope", "Need for Speed", "Assassins Creed", "Where's My Water? ","Riptide GP", "Great Little War Game", "World of Goo", "Angry Birds", "Shoot The Birds", "Talking Tom Cat 2", "Bag It!" and "Talking Larry the Bird". The apps have been pulled from the Android Market.
Android is the most popular operating system in the world today. It has also attracted the attention of many malicious app developers. To protect your Android device you need to install an anti-virus app to screen the malicious apps from your phone or tablet. However there are other precautions you can take. Don't download apps from suspicious sources. Read user reviews about the app you're downloading and research the apps publisher. And most importantly read any requested permissions carefully. If a simple app is asking for serious, privacy invading permissions like the ability to send or receive SMS or phone calls, you need to think twice before accepting.