
Malicious Flappy Bird apps detected

February 11, 2014 | Posted by Dan Raywood

After the mobile application Flappy Bird was pulled by its creator, malicious versions are now being detected.

 

Malwarebytes and Trend Micro have both detected fake versions of Flappy Bird spreading online. According to Malwarebytes, a free game has been detected not only for Android, but also for iOS. Malwarebytes security researcher Chris Boyd said that clicking the link took the user to surveys, which have now been taken down.

Boyd said that each clickable option took him to a mobile-centric sign-up page, where links typically required some form of mobile number sign-up and/or payment to process.

“The Flappy Birds scam on the blog actually sits outside the iTunes store on this occasion – all of the clickable links take the end-user to various survey scam offers, and they all try to convince them to sign up to cash-draining mobile messages,” he told IT Security Guru.

 

“The scam on our blog is one that takes place in a standard web browser only, with the fake links (which lead users to the survey page) being posted to the IMVU groups page.”

 

Trend Micro said that the fake Flappy Bird apps have exactly the same appearance as the original version and all of the fake versions it had seen so far sent messages to premium numbers, thus causing unwanted charges to victims’ phone billing statements. After the game is installed and launched, the app will then begin sending messages to premium numbers.

 

Other fake versions have a payment feature added into the originally free app and, if the user refuses to pay, the app will close.

 

Creator Dong Nguyen originally gave no reason for taking the game down, saying via his Twitter page that he was taking it down as he could not “take this anymore”.

 

Michael Sutton, vice president of security research at Zscaler, said he was not surprised that malicious versions of Flappy Bird are showing up on third-party app stores, as malware authors constantly take advantage of popular games by posting cloned/malicious versions there.

“In this case they have an even better angle – offering a desirable app that is no longer available. As we’ve often had to learn the hard way – ‘if it seems too good to be true…it probably is’,” he said.

Sutton said that he doubted that a malicious version would make its way into the official Google Play store, although it was very rare for cloned/malicious apps to appear in the Apple App store.

 

“How popular a malicious version would rank in a third party app store would depend upon how the store measures popularity, but without the need to compete with an official version of the app, the malware author would certainly have an opportunity to promote their cloned app without any official competition,” he said.
