Hacker publishes cloned games to Android Market, infects thousands with SMS exploit

As smart phones become the norm, more and more cyber crooks have approached mobile platforms with new ways to spread their malware, viruses and spam. The attacks themselves have also become more creatively sinister, circumventing both protection and common sense.

Count a new, bold ploy which offered fake copies of hot gaming apps loaded with a hidden SMS exploit to Android users among the latter.

Hacker publishes cloned games to Android Market, infects thousands with SMS exploit

Sophos Lab’s Naked Security blog broke the news that a hacker called Logastrod forged fake versions of more than a dozen popular games, published them on the Android Market as freebies and watched as thousands unwittingly infected their devices with a nasty SMS bug.

Some of the games the conman fraudulently uploaded include Cut the Rope, World of Goo, Assassin’s Creed: Revelations and Rovio’s Angry Birds, which has been legitimately downloaded over 100 million times.

Sophos Principal Virus Researcher Vanja Svacjer called the SMS scam “the most common model” for those in the mobile malware business.

“When a malicious app is installed, it starts sending or receiving messages, which makes the installation very expensive for the user,” explained Svajcer. “The damage is often seen only when it is too late, once a monthly bill is received.”

The 13 fake gaming apps and a handful of others which were labeled “RuFraud” by mobile security company Lookout have been pulled by Google. In a Sunday blog post, Lookout confirmed it told the Android Market operator about the security exploits prior to the yanking:

In the last week we have notified Google of nine identical applications that were skinned to appear more appealing to potential users: three wallpaper apps for popular movies (including Twilight), and three apps purporting to be downloaders for popular games such as Angry Birds and Cut the Rope. Google responded quickly to our reports and pulled these apps from the Android Market. At the time of removal these applications had only been downloaded by a handful of users, and the severity of the threat was still very low.

Lookout speculated that this new batch of fake apps saw over 14,000 downloads in its short time published on the Android Market. (via Naked Security)