By Martyn Williams, IDG News Service | July 16th, 2014
Trend MIcro finds hundreds of thousands of fake Android apps in trawl of online stores, forums.
Fake apps dressed up to look like official ones but actually designed to steal user data are increasingly targeting Android phone users, according to a study by Trend Micro.
The company looked at the top 50 free apps in Google’s Play Store and then searched Google’s app store and others to see if fake versions existed. It found fake versions existed for 77 percent of the apps. The fake apps are often made to look like the real ones and have the same functions, but carry a dangerous extra payload.
“We’ve been tracking the activity of malicious or high-risk apps for nearly five years,” said JD Sherry, vice president of technology and solutions at Trend Micro. “The potential for people to slip things past the gate and appear legitimate is much easier.”
Tokyo-based Trend Micro, which makes antivirus and antimalware software that guard against such risks, said it cataloged 890,482 fake apps in a survey conducted in April this year. More than half were judged to be malicious of which 59,185 were aggressive adware and 394,263 were malware.
The most common type of fake app purports to be antivirus software — targeting users who think they are protecting themselves from such problems. In some cases, the apps ask users to approve administrator privileges, which allow the app wider access to the phone’s software and data and make it more difficult to remove.
While many of the fake apps exist on forums or third-party app stores where security is either weaker than Google’s Play Store or nonexistent, fake apps can also invade the official Google store.
“A more recent example of a rogue antivirus app known as “Virus Shield” received a 4.7-star rating after being downloaded more than 10,000 times, mostly with the aid of bots,” Trend Micro said in its report.
Cheekily, scammers charged $3.99 for the fake app, which promised to prevent harmful apps from being installed. It was removed by Google after a few days, but not before it fooled thousands of users and even became a “top new paid app” in the Play Store. Trend said it was “perplexing” how the app achieved “top” status.
Attackers sometimes play on hype for apps.
When the “Flappy Bird” game was taken off the Play Store, fake versions appeared, some of which sent premium text messages. And before BlackBerry released its BBM messenger app for Android, a number of fake versions appeared that were downloaded more than 100,000 times.
Trend Micro’s report was published on the same day Google said it had formed a security team to go after so-called “zero-day” exploits in software that allow attackers to target users before software companies issue patches.
Sherry said he thought Google’s announcement was “ironic” considering the large number of problems Trend Micro found in Google’s own backyard.
“I strongly suggest they take aim at the Android marketplace and Google Play,” he said.
Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn’s e-mail address is firstname.lastname@example.org