Fake Versions of World Cup 2014 Apps targeting Android users

Security Experts at Trend Micro have discovered different World Cup themed malicious application targeting Android mobile devices.

The World Cup 2014 is an excellent occasion for cyber criminals to trick users with social engineering techniques into downloading any kind of malicious content. Of course mobile users are a privileged target for cyber criminals, different World Cup-themed malicious apps have been detected by security experts in this period, Trend Micro recently warned users of the presence of fake versions of World Cup 2014 Apps. According to experts at Trend Micro more than 375 spurious apps are targeting Android users that are downloading them from third-party app stores.

“We found these malicious apps lurking in unauthorized/third party app download stores, just waiting for users to install them on their mobile devices. Upon analysis, we found that the bulk of the malware in question are variants of prevalent mobile malware families,” reports a blog post by Trend Micro.

The malware experts detected variants of Android trojan OpFake in the third-party app stores, the malicious code is currently adoèted in numerous scam schema, the researchers were principally concerned by malicious apps which were spreading “SMS Stealer” Android malware.

Another malware family very popular within malicious apps discovered is ANDROIDOS_SMSSTEALER.HBT, the version detected was improved with remote control capabilities which allows the attackers to execute commands on the victim’s devices, including a block of incoming texts, sending SMS to other numbers, or installing additional malicious applications.

 

Experts also discovered malicious World Cup apps with a new variant of malware dubbed ANDROIDOS_OPFAKE.HTG, a typical Premium Service Abuser which affected users find themselves charged with premium service fees that they never themselves purchased.

Slot Game Swindling is another profitable activity for World Cup scammers, as explained by the experts at Trend Micro, malicious World Cup slot game apps were detected as ANDROIDOS_MASNU.HNT.

The malicious apps implement filtering user payment confirmation messages, “so that users may not notice the real amount of money they’ve been paying when playing this game, and thus spend more without restraint.”

“Some football betting apps have also been found leaking information without user notification, as well as blatant security risks in their micropayment process. We advise users to be very careful with their financial and personal information when using these apps (or not to use them at all).” states the blog post.

Trend Micro detected many other World Cup-themed malicious apps which implements various routines for data stealing and pushing ad notifications/unwanted app advertisements.

Be aware, do not download applications from third-party app stores and adopt security solutions on their mobile devices.

Pierluigi Paganini

(Security Affairs –  World Cup 2014, mobile)