Fake Apps – a new emerging trend!

Credit to Author: Anand Singh| Date: Tue, 14 Nov 2017 11:08:51 +0000

Recently we had blogged about a fake WhatsApp app on Google Play. And soon after we started observing more fake apps getting hosted on Google Play. Interestingly, these fake apps were having good ratings and download count which clearly suggest the growing trend of fake apps in the Android world. These fake apps look like their official counterparts but they have some malicious intent. They might steal user data, display unwanted ads, push down the ratings or downloads of popular apps. These fake apps basically piggyback the popularity of genuine apps to fool users. This post discusses two fake apps observed by Quick Heal Security Labs. Pandora Plus Package name: net.pandoplus.android MD5: 7da97bf129b0f241cf59aaa29ce762fb Size: 3.3 MB Pandora is a famous app for listening to online songs and is available for Android and iPhone devices. Below is a screenshot of a fake Pandora app that recently emerged on Google Play. Fig 1: Fake Pandora app, its rating and downloading count The fake Pandora app is named as ‘Pandora plus’. After installation, it asks the user to register and provides customizable music options which the user wishes to listen. If the user taps on the ‘Next’ button, they get redirected to a webpage where the user has to rate 5 stars to get a pin code which is required to start the music app. Fig 2: Fake Pandora app redirecting user to a rating page But, even if the user gives 5 stars, the whole process is repeated in a loop and the user never receives the pin code. So, the aim of the fake app’s developer was to get a high rating as well as the download count through this app. Fig 3: Reviews by app users The fake Pandora app’s rating is 4.8 which is more than that of the original app. It has been removed from Google Play. Rating before using app is just like reading before writing, #Fakeapp, highly rated app, recently deleted from the #GooglePlay pic.twitter.com/OFwK5GDOwg — Anand Singh (@singhanand0414) November 8, 2017 The fake app ‘Pandora plus’ was reported to Google Play for removal by Quick Heal Security Lab. Quick Heal detection Android.Fakeapp.AE   Avast Internet Security Package name: com.app.avast.anti.spiapp.geektop MD5: 3b05b4910bdd8a3cd6f42c460bc6341c Size: 4.3 MB We detected another fake app that was present in Google Play bearing the name ‘Avast Internet Security’. Fig 4: Fake Avast Internet Security app This fake app was described as ‘Avast Internet Security latest version for limited users’ on the Google Play. This was to trick users into thinking that this is a new app from Avast and should be downloaded soon. Even this app has been removed from Google Play. Quick Heal detection Android.Agent.A2322 Safety measures Never rate an app before using it. Remember, a genuine might request you for a rating but would never force you to do so. Beware of apps that strongly ask you for your rating even before you can access them. These are mostly malicious or fake. Before downloading any app, check its reviews. It might have acquired fake ratings as we saw in the case of the fake Pandora app. Install a reliable mobile security on your phone that can block the installation of fake and malicious apps.   The post Fake Apps – a new emerging trend! appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.
http://blogs.quickheal.com/feed/