As the number of mobile users continues to grow, the number of fake apps also grows at an alarming rate. According to a Trend Micro survey of the Top 50 free apps in Google Play, almost 80% have corresponding fake versions on third-party sources. Even more alarming, 100% of those in the Widgets, Media & Video, and Finance categories have fake versions.
As of April this year, 59,185 of the 890,482 sample fake apps discovered were aggressive adware, while another 394,263 were malware, reveals Trend Micro. Among all the fake apps, 50% were malicious.
There are two major types of fake apps. The first are “rogue apps,” the most common being rogue antivirus apps such as Virus Shield, which sold for US$3.99 on Google Play and claimed to provide real-time scanning and personal data protection. It received a 4.7-star rating after being downloaded more than 10,000 times within just one week of becoming available. Unfortunately, the app was discovered to be totally fake and offered no protection whatsoever. Research showed that most of its downloads were done by botnet computers. Still, thousands of users had already been scammed and suffered financial losses before the app was taken down by Google Play.
The second major type is “repackaged apps.” These repackage popular apps and pose as the original to attract user downloads. Some of the repackaged apps are “trojanized apps,” which contain malicious behaviors and are becoming a standard tool for cyber-attacks. Games, financial apps, and instant-messaging apps are the most frequent targets of repackaged apps.
Flappy Bird was one of the hottest game apps in Q1 2014 and was downloaded over 50 million times before it was suddenly pulled down by its developer. The sudden pull-down triggered tremendous interest online and prompted cybercriminals to create trojanized versions of the app. One of the trojanized versions asked the user for permission to send text messages, which could cause the user’s phone bill to skyrocket.
Trojanized banking apps usually replace well-known banking apps installed from Google Play with corresponding trojanized versions, which help cybercriminals launch phishing attacks against users by stealing the victim’s financial information, causing tremendous losses for the victim.
The most notable case of trojanized instant-messaging apps is the fake versions of BlackBerry Messenger (BBM). Right before BlackBerry made its app available on Google Play a few months ago, trojanized versions of BBM were released to the public to take advantage of the anticipation for the release of BBM for Android. The repackaged apps received over 100,000 downloads. These apps, however, exhibited aggressive adware behaviors and were subsequently taken down by Google Play.
“A big share of fake apps contains malware,” said Terrence Tang, Senior Director, Trend Micro APAC Region. “These apps can cause personal data breaches and financial losses. It is advised to download apps only from trusted platforms and install a reputable security app to protect your mobile devices. Trend Micro’s free mobile security app Dr. Safety features automatic protection and scanning. It prevents users from downloading apps with a malicious intent while providing the most comprehensive mobile security protection.”
Trend Micro advises that users download their apps only from trusted sources and use a reputable mobile security app such as Trend Micro Dr. Safety to protect their mobile devices.