87 fake Minecraft apps have been discovered, with a combined total of 990,000 installs
A slew of fake Minecraft mods have been discovered on the Google Play Store that, when downloaded, expose users to scams and aggressive ads.
According to ESET Security, there were 87 apps in total which reached a combined total of 990,000 downloads before they were reported last week.
ESET divides them into two categories: the ad-displaying downloader identified as Android/TrojanDownloader.Agent.JL and fake apps redirecting users to scam websites, detected as Android/FakeApp.FG.
The ad-displaying category contained 14 apps disguised as Minecraft mods, all of which have no real functionality and use an additional component that has to be manually downloaded to display out-of-app advertisements.
“When launched, the apps immediately request device administrator rights,” ESET explains. “Once device administrator is activated, a screen with an ‘INSTALL MOD’ button is displayed. Simultaneously, a push notification informs the user that a “special Block Launcher” is needed in order to proceed with the installation.
“After clicking the “INSTALL MOD” button, the user is prompted to install the additional module ‘Block Launcher Pro’. Installing the module brings the user to a dead end – a static Minecraft-themed screen with no clickable elements. The only actual function of the app and its module is to display ads – which now show up on the user’s device, interrupting their activity.”
In comparison, the apps that redirect to scam websites use what ESET describes as “an old trick” whereby a download button is displayed that simply takes the user to an external website in the browser,
Here, the website displays all manner of obtrusive content, such as ads, surveys, free coupon offers, jackpot wins and pornography, along with fake updates and fake virus warnings attempting to scare the user.
“To prevent being tricked by fake apps and malware, opt for official app markets,” ESET advises. “Even then, exercise extra caution when downloading third-party apps offering additional functions to existing applications, as there may be a “catch” in these attractive-sounding offers.”
What do you know about the mobile app revolution? Try our quiz!