Offering bogus packs of popular games have always been a well-liked approach of malware peddlers around the world.

GFI has recently spotted a fictitious Vice City version of Grand Theft Auto being offered on a third-party site that tricks users into downloading a Trojan masquerading as a Flash update.

Once the victims download, install and run the bogus app, they are faced with a big button they have to press in order to start the game. But clicking on just makes another message appear, saying "“Flash Player is required” and offering a download link.

The bogus Flash update wants to get a lot of permissions that the legitimate one wouldn't ask for:


That's because the update is actually a variant of the Boxer SMS Trojan, which will start sending out messages to premium rate numbers as soon as it is installed.

"The only games Rockstar have released on the official Google Play site are versions of GTA 3 and the original Max Payne. There is no version of Vice City currently available from the publishers, much less a version authored by someone called 'Vickie' sitting on a Russian language download site registered to someone in China," GFI's Chris Boyd points out what should be obvious to anyone.

Once again, users are advised to restrict their downloads from official download sites, and to always critically check things such as the name of the developer, comments left by users, and permissions required by the app before downloading it.