Fake mobile AV apps offered on Google Play
Downloading apps from Google Play, the official online Android app market, is not without its dangers.
Even though Google has been scanning the offered apps for malware by using “Bouncer” – an automated app scanning service that should, in theory, detect malicious software and developers who keep offering it – there are still instances where they aren’t booted out of the market soon enough.
Security researchers from AegisLab have recently discovered over 15 fake AV and “free SMS” apps being offered by the same developer (“thasnimola”) that has been flagged for selling fake NQ Mobile apps in April.
According to them, the developer uses the Appsgeyser webkit to automatically generate fake apps, and he continues offering them on Google Play.
When users try to download the app, they are redirected to the developers’ “official” site, and the researchers are still not clear on whether the offered apps are malicious, or just a way of luring users to this particular site.
The apps may be free of charge and simply not work as advertised, but the are still bad news as users who have installed them might believe they are protected when they are not.