Fake, malicious World Cup-themed apps targeting Android users
The 2014 FIFA World Cup in Brazil start today, and Trend Micro researchers have pointed out yet another thing that fans need to be careful about: fake and malicious versions of World Cup-themed apps.
Other researchers have already warned about malvertising attacks on popular websites, fraudulent domains selling fake tickets, fake giveaways, phishing and malware campaigns, and ATM skimmers.
Mobile users should be aware that cyber crooks have taken to cloning popular apps and adding to them malicious routines that subscribe users to premium services, leak user-critical information, and install malicious links and shortcuts on the mobile device home screen:
Other fake apps steal and send out text messages, and install additional malware on the infected device.
“Finally, we found a malicious World Cup slot game app that we detect as ANDROIDOS_MASNU.HNT,” they noted. “Its malicious routines include filtering user payment confirmation messages, so that users may not notice the real amount of money they’ve been paying when playing this game, and thus spend more without restraint.”
According to the researchers, they have already found more than 375 questionable or outright malicious World Cup-themed apps, and more are sure to be offered while the sporting madness continues.
The vast majority of these apps lurks from third party app stores, so users are advised to avoid them altogether or to be extra careful when reviewing apps they want to install from them. Installing a mobile security solution is also a good idea.