Beware of Trojanized Flappy Bird game
Posted on 11.02.2014
Trojanized versions of Flappy Bird, the mega-popular iPhone and Android game that has recently been pulled from Google Play and Apple's App Store by its creator, have begun popping up on third-party Android markets.

Flappy Bird has become hugely successful in a matter of months - over 50 million users downloaded it, and it reportedly earned Dong Nguyen - its Vietnamese developer - over $50,000 per day through its in-game advertising.

It is still unknown why he decided to pull the addictive app from the two markets on Sunday, while keeping two of his less popular games.

But cyber crooks don't care, and have taken advantage of the huge unmet demand by issuing Trojanized versions of the game.

"Especially rampant in app markets in Russia and Vietnam, these fake Flappy Bird apps have exactly the same appearance as the original version," Trend Micro researchers noted.

"All of the fake versions we’ve seen so far are Premium Service Abusers — apps that send messages to premium numbers, thus causing unwanted charges to victims’ phone billing statements."

Unlike the original version of the app, these ones ask an additional permission from the user: the permission to read, receive and send SMS messages.

Apart from sending out messages to premium service numbers and intercepting and hiding those received in return, these fake Flappy Bird apps are also able to connect to a C&C server through Google Cloud Messaging, and to exfiltrate the information the app has access to on the device: phone number, carrier, Gmail address registered in the device, and so on.

"Other fake versions we’ve seen have a payment feature added into the originally free app. These fake versions display a pop up asking the user to pay for the game. If the user refuses to play, the app will close," the researchers added.

If you are really that interested in playing the game, you can always buy smartphones with the app installed from eBay vendors, or try out the online version of the game.









Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //