Recently, a security firm disclosed that Google Play listed fake Android apps with over 50,000 installations. Read on to know more…
Google Play which is the content store for Google’s Android apps is not new for listing fake and malicious apps. But the latest report published by the cyber security firm Quick Heal Technologies claims that the Google Play app store had listed several fake apps that did not actually provide their listed offerings. Researchers at global IT security firm Quick Heal Technologies have discovered in Google Play store specific fake apps with over 50,000 installations that dupes innocent users to download and rate other sponsored apps.
Modus Operandi
In a blog post last week, Rupali Parate, an Android malware analyst at Quick Heal Technologies wrote in a blog “These applications appear to be genuine as a PDF reader, PDF Downloader, PDF Scanner etc., but don’t have such functionality,”. The post also reports that in some of these fake apps, the application is simply loading a url. In fact, the application does not even have any permission with regard to a genuinePDF reader or converter.
These fake Android applications prompt users to download and rate five star to sponsor apps in order to unlock this application. After installation of other application and rating, the user would be able to use the PDF reader after 24 hours. Interestingly, these apps also make it look authentic by asking users to login with a password and later use the same password to unlock the application. Parate stated that “But after 24 hours, the same loop starts. It asks users to login with some created password and asks them to download the same application to unlock the application,”
The basic intention of the developer of this application is to increase the download count and good rating of sponsored apps. Surprisingly, the sponsored application also functions as the same way. Parate said that “Users should be careful while downloading such fake applications. User can easily recognize it by going through review,” Parate further said that Quick Heal had reported about these fake applications to Google as they pose serious threat towards smartphone security.
Security Tips
Android users should be careful while downloading such fake applications as these take away a lot system permission which could be harmful.
Quick Heal recommends that you should check for the following to identify fake mobile apps on Google Play before downloading:
* Check an app’s description before you download it.
* Check the app developer’s name and their website. If the name sounds strange or odd, you have reasons to suspect it.
* Go through the reviews and ratings of the app. But, note that these can be faked too.
* Avoid downloading apps from third-party app stores.
* Use a reliable mobile antivirus that can prevent fake and malicious apps from getting installed on your phone
In brief, Quick Heal recommends that before downloading any app, users should check the description, the app developer’s name and website. Going through reviews and ratings is also needed, though these can be faked easily.
Recently, Google had revealed details on how it was cracking down on fake app reviews as well. In a blog post, Google said it had removed million of fake ratings from the Play Store and that has a team of engineers monitoring for suspicious activities on ratings, reviews.