Debate Magazine

Fake Apps on the Android Play Store

Posted on the 27 November 2017 by Darkwebnews @darkwebnews

Fake apps uploaded to the Google Play Store by ill-intentioned developers are the primary source of viruses on smartphones today. The viruses come in the form of adware, spyware, malware and Trojans.

The most recent event to cause a stir and hit the headlines saw millions of Android users duped into downloading a fake WhatsApp messenger application. The fake WhatsApp Android app existed solely to get Android users to download it so that its developers could generate high volumes of revenue from ads and downloads.

The tactic applied by the fake developers includes duplicating the names of the apps with their corresponding brand icons and creating a new Google Play Store profile that mimics that of the legitimate WhatsApp developer.

They're able to slip into the store without notice by Google's security team by slightly altering a few characters of the brand name to convince Android users that it's indeed an upgrade of the existing software.

The revelations came after some Reddit users were quick to note that, after downloading the fake version, the new software was not behaving like the actual version. Instead, it was requesting excessive permissions.

Developers who create fake versions of apps and upload them to the Play Store tend to use Unicode characters accompanied by blank spaces in a bid to ensure that there are similarities between the fake versions and the legitimate applications.
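One way a store reviewer or defender could flag the look-alike publisher names described above, as an added example that is not part of the original article. The allowlist entry, the small look-alike letter table and the function names are assumptions made for illustration.

```python
import unicodedata

# Assumed allowlist of publisher names the reviewer trusts (constructed sample).
TRUSTED_DEVELOPERS = ["WhatsApp Inc."]

# Small illustrative subset of Cyrillic letters that render like Latin ones;
# a production check would use the full Unicode confusables data (UTS #39).
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0455": "s", "\u0456": "i"}


def skeleton(name):
    """Reduce a display name to a key that ignores blanks and look-alikes."""
    out = []
    for ch in unicodedata.normalize("NFKC", name):
        cat = unicodedata.category(ch)
        # Drop format/control characters (zero-width space, joiners) and
        # every kind of space or separator, visible or not.
        if cat in ("Cf", "Cc") or cat.startswith("Z") or ch.isspace():
            continue
        folded = ch.casefold()
        out.append(CONFUSABLES.get(folded, folded))
    return "".join(out)


def hidden_characters(name):
    """Names of characters that render as blank or not at all."""
    found = []
    for ch in name:
        cat = unicodedata.category(ch)
        if cat == "Cf" or (cat.startswith("Z") and ch != " "):
            found.append(unicodedata.name(ch, "U+%04X" % ord(ch)))
    return found


def classify(name):
    """Return 'trusted', 'lookalike' or 'unknown' for a publisher name."""
    if name in TRUSTED_DEVELOPERS:
        return "trusted"  # byte-for-byte match with a known publisher
    key = skeleton(name)
    if any(key == skeleton(t) for t in TRUSTED_DEVELOPERS):
        return "lookalike"  # looks the same, but is a different string
    return "unknown"


if __name__ == "__main__":
    # Constructed samples: exact name, trailing no-break space, zero-width space.
    for sample in ["WhatsApp Inc.", "WhatsApp Inc.\u00a0", "Whats\u200bApp Inc."]:
        print(repr(sample), classify(sample), hidden_characters(sample))
```

A name classified as `lookalike` renders like a trusted publisher while being a different string, which is the signal worth escalating for manual review.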

The trick is just the latest one in use after Google discovered that malicious apps had gained tremendous popularity and were being installed by millions of unsuspecting Android users across the globe via the Play Store.

After this, Google decided to boost their security protocols in an effort to catch these fake apps before they even entered the Play Store marketplace.

This has been a difficult ride for Google, though. More and more fake apps are entering the Play Store on a regular basis, despite the tech giant's best efforts to prevent this from happening.

A while back, some fake Instagram applications were discovered on the Google Play Store, and their sole intention was to steal Android users' credentials. The tools were used for not only managing the number of Instagram followers of the user, but also for increasing the numbers for users who wanted a larger following.

Upon downloading the application and launching it, one would be required to enter their credentials and logins on a screen that resembled the actual Instagram page. And upon doing this, the data was automatically sent to a remote server.

Since Instagram is a popular app used by hundreds of millions of people across the globe to share images and videos, the number of parties affected was over a million.

The developer of the fake Instagram applications would then get the actual logins of the persons who entered their username and password to undertake various activities on the account such as viewing users' messages, uploading and deleting pictures, liking and commenting, and last but not least, removing and adding followers.

In the above case, the developers used the compromised accounts to add followers to other accounts, like and comment on behalf of the user, send spam and, ultimately, generate increased ad revenue.

As of now, the number of fake applications that clone legitimate ones is not precisely known. However, concerned social media users can take certain measures, such as checking reviews before downloading the apps, to ensure they do not fall victim.

However, this precaution doesn't always work, as some cunning developers tend to post fake positive reviews from decoy accounts.

Some years back, viruses were more of a norm on the Android marketplace, but Google has adopted new measures to keep their customers safe. Among the most common ways Google checks the legitimacy of an app is by use of automated scanning tools, which check to see if the app carries a virus of some kind.

The applications would require excessive permissions for them to function on an Android smartphone but thanks to the new Google features, developers can't take advantage of the situation. Even though the vice of fake apps dominating the Play Store remains common, it is not as severe as it was back then.

The real question is how many individuals or entities will continue using the loophole on the Google Play Store to upload viruses of various types.

Fake applications on the Google Play Store often are not sourced from a single entity. Instead, several entities that operate independently are involved in posting multiple fake software programs on the marketplace. The mode of work will vary based on the goal of the hacker or group of hackers behind the malicious applications.

The matter brings into question the issue of safety and security within the mobile devices landscape. Security companies are weighing in on the subject. Norton, for example, published a blog post meant to enlighten Android users on how fake apps operate.

The post talks about the dangers of fake applications, providing illustrations of malicious programs that mimic reputable brands such as Netflix and Angry Birds, both of which had fake versions for Android users to download to enable developers to gain ad revenue.

The threat is intensified by the fact that malicious developers are increasingly targeting banking and other financial applications with the goal of siphoning funds from a user's bank account or even mobile wallet.

Since users regularly enter credit/debit card details on their Android smartphones, spyware can collect the data gathered and send it to the developers. Technically, this is a real threat to the banking sector since the information obtained may be put up for sale on the dark web, among many other places.

Despite all this, some measures can be followed to ensure one is safe and for those affected, there are some steps to take to get rid of the problem.

First, an Android user should not be so quick to hit the download button; it is essential to check the authenticity of an app by going through the reviews.

This tip helps but is not always efficient as there are those who also manage to get fake reviews for the dubious apps they have created. Using sceptical judgement is the best option in this scenario.

Secondly, an individual should check the profile of the app's developer. Only download apps from trusted sources since they have built a reputation over time.

Thirdly, if an Android user has had their social media account compromised, like in the case for Instagram, then the best move to take is to change the existing password since hackers can continue accessing the account.

If the password is similar to that of the email used in the setup, then some attackers may go to the extent of changing the email password. If this happens, there's a high possibility that the user may never regain access to their email.

And last but not least, for users who have already been affected, it's imperative to uninstall the malware with immediate effect, since failure to do so will only have more information leaked to third parties. Also, unwanted pop-up ads will continue to occur on their Android phones if the adware-enabled app remains installed.

It remains the responsibility of the user to ensure that their device is not compromised since if it happens, their Android mobile phone may be rendered useless to some extent. Perhaps seeking the services of an established mobile anti-virus provider will save a great deal.

