Hundreds of Fake Apps Roam the Google Play and App Store Platforms

By Bill Toulas / September 27, 2019

Trend Micro researchers have discovered hundreds of fake apps for iOS and Android that carry inaccurate descriptions, violate App Store and Google Play policies, and are devoted to gambling. Some of these apps even made their way into top 100 lists without Apple and Google realizing their true nature and removing them from their official package repositories. This is yet another alarming case that clearly highlights the risk of downloading and installing anything you see on the official app stores, as Apple and Google show an inability to review these apps with adequate scrutiny.

Even more worryingly, Trend Micro claims that these hundreds of apps are somehow related. They demonstrate the same suspicious behavior, with an ability to transform into gambling apps, a heavily restricted category that is subject to even stricter app store policies. The apps are available on gambling websites too, so people may still find them and download them onto their devices. This, however, requires enabling installation from untrusted sources, a safety step that may save some users. In quite a few cases, though, the researchers noticed that the download button on the websites redirected to the App Store, so many of these apps somehow passed the required reviews.

[Figure: gambling apps on the app stores. Source: blog.trendmicro.com]

Some of the apps that Trend Micro exposes in their report are:

The explanation for how this happened lies in the fact that these apps weren’t originally distributed as gambling apps. Instead, they pretend to be weather apps, wine review apps, newsreader apps, etc. Their descriptions match their features, and so they obtain the required permissions to enter the app stores. The “switch” that gets activated later on is hidden inside the app’s API, which isn’t apparent during the review process. Of course, Trend Micro has sent the list of malicious apps to Google and Apple, and both companies responded immediately by removing them from their respective app stores.

Does this mean that if you’re using one of these fake apps you should remove it? While some may think that there’s no reason to delete the gambling apps from their device, we should point out that there are shady communications going on between the apps and their C2 server infrastructure, and they are Base64 encoded. If that is ok with you, then go ahead and keep them on your device.
