Imangi Studios’ hit iOS game “Temple Run” is slated to hit Android platforms on February 9. Cyber scammers seized on the anticipated event by uploading a malicious facsimile of the mobile app to the Android Market this week, infecting downloaders’ devices with annoying advertisements and, worse still, no actual game.
Security company Trend Micro discovered the malware on Monday and promptly tipped off Google, who removed it. Threats Analyst Kervin Alintanahin explained that the incorrect developer information provided in the listing was a dead giveaway that the app was actually malware.
“Once the application is installed and run, it creates shortcuts on an infected smartphone’s homepage,” said Alintanahin. “It also is capable of displaying ads using the mobile notification.”
Users with Facebook installed on their Android smartphones were greeted with an additional pop-up that required them to share the app on their Facebook profile if they wanted to play it. An ironic request, as the fake app’s coup de grâce was a message that the real “Temple Run” was currently unavailable for Android, accompanied by a countdown timer to its release date.
Imangi Studios issued a brief statement about the scam Monday morning at the official “Temple Run” Facebook page: “Anything on Android claiming to be Temple Run is a scam. When the real Temple Run is out, you guys will be the first to know!”
Last December, a single hacker successfully uploaded 13 malicious SMS apps masquerading as popular games like “Angry Birds” and “Cut the Rope” to the Android Market. The malware saw more than 14,000 total downloads before Google pulled the plug.
No minor threat, Russian anti-virus company Kaspersky Labs named Android-based malware a top-five security threat for 2012. A separate McAfee report found that malware targeting the little green mascot had grown nearly 40 percent in just a few months. (via ThreatPost)