We have heard about a number of counterfeit apps on the Google Play Store that have duped users and made loads of money by pushing ads.
In the latest reveal, CSIS Security Group’s report suggests that an app named ‘Updates for Samsung’ promising updates for Samsung phones has been installed by over 10 million users.
Once installed, the fake app redirected users to an ad farm that charged money for downloading the update. Unlike most fake apps, however, the CSIS Security Group did not find the app attempting to push any malware onto the phone. The app simply takes advantage of how difficult it is to install firmware and operating system updates on Samsung phones and pools them all together for the user. It does this without any affiliation to Samsung, by loading a domain named updato(dot)com in an Android browser.
But that’s not all. The site itself offers users both free and paid Samsung firmware updates. Digging through the app’s source code, however, researchers found that the website limits the speed of free downloads to 56 kbps, causing the so-called ‘free’ firmware downloads to eventually time out. By making every free download fail, the developers of the app force people to shell out $34.99 for a premium package to download any files.
The issue here is that the app violates Play Store rules by processing payments through its own payment platform rather than the one provided by Google. This poses a threat to users, as their payment data may be intercepted or logged by third-party sites instead of being protected by Google’s encrypted payment channel.
The app also offers a $19.99 SIM card unlocking service, but it remains unclear whether this functions as intended or is just another scam route.
What is concerning, though, is that there may be hundreds of apps on the Play Store that scam users in a similar way but escape scrutiny because they have fewer downloads.