A handful of apps purporting to specialize in virus detection and malware scanning were recently removed from Google’s Play marketplace and Amazon after being deemed fake.
Security researchers at FireEye discovered five apps in particular that accounted for up to 50,000 downloads and essentially did nothing outside of taking users’ money and leaving them with a false sense of security.
Jinjian Zhai, Jimmy Su and Humayun Ajmal said that paid versions of the apps were available on Google Play for customers outside of the US or UK, but that customers inside the US or UK could download free versions of the apps that came with options to upgrade in-app.
The apps, some free and some of which retailed for up to $3.99, were all uploaded to Play and Amazon by a developer with the name Mina Adib, according to FireEye.
The apps all boasted that they’d be able to protect mobile devices from hackers in one way or another – most through a virus scanner. In actuality the apps, with names like Anti-Hacker PLUS, Me Web Secure and JU AntiVirus Pro, were nothing more than a “façade of images and progress bars.”
As Zhai, Su and Ajmal point out in looking at the other apps’ code, none of them actually scanned anything – they all just featured a superfluous progress bar that moved from left to right.
It appears that at least one of Mina Adib’s apps, The Teacher, is still available on Amazon – but that particular app wasn’t mentioned in FireEye’s research.
It’s the latest work from the FireEye researchers who mostly specialize in analyzing Android code. In March Su and Zhai, aided by Tao Wei, investigated exactly how much information – users’ age, gender, etc. – the Android version of the popular game Angry Birds collects and shares with third parties. As it turns out the app mines quite a bit of user information, then “transmits it to other advertising clouds.”
Bogus apps, especially those of the Android variety, are nothing new.
Earlier this year more than 10,000 Android users were duped into downloading the $3.99 Virus Shield, another fake app, before Google was forced to take it offline, refund users’ money and offer those tricked into downloading it an extra $5 promotional credit.
The app, which at one point even found itself atop Google Play’s Top Charts list, claimed to offer “one-click virus protection” but did nothing of the sort, yet that didn’t stop it from catching on like wildfire.
If nothing else, the fake apps should highlight the persistent vigilance that needs to be exercised when it comes to downloading applications from app stores, even official storefronts like Google Play.