The 2014 FIFA World Cup in Brazil has begun, and Trend Micro researchers have pointed out yet another thing that fans need to be careful about: fake and malicious versions of World Cup-themed apps.
Trend Micro earlier warned about App Repackaging, Growing Underground Economy, and Toolkit Availability which Pushed Mobile Malware and High-Risk App Count to 2 Million in first quarter of 2014.
Mobile users should be aware that cyber crooks have taken to cloning popular apps and adding to them malicious routines that subscribe users to premium services, leak user-critical information, and install malicious links and shortcuts on the mobile device home screen.
App Fakery
One of the malware families detected is ANDROIDOS_OPFAKE.CTD
We also discovered that the remote server the apps connect to has 66 different domains, with each domain spoofing famous websites like MtGox.com.
SMS filtering and theft
Another malware family we detected leveraging World Cup fever is the ANDROIDOS_SMSSTEALER.HBT family. Variants of this family share similar methods of fraud and fakery with OPFAKE, with one exception: they can connect to their remote C&C server to receive and execute commands, some of which being adding an SMS filter (to block/conceal certain incoming messages), sending SMS, and installing new malware.
Premium Service Abuse
We also found that the Trojan mentioned in our previous blog is also part of the cybercriminals’ World Cup arsenal, with a new variant we detect as ANDROIDOS_OPFAKE.HTG. A typical Premium Service Abuser, affected users find themselves charged with exorbitant premium service fees that they never themselves purchased.
Slot Game Swindling
Finally, we found a malicious World Cup slot game app that we detect as ANDROIDOS_MASNU.HNT. Its malicious routines include filtering user payment confirmation messages, so that users may not notice the real amount of money they’ve been paying when playing this game, and thus spend more without restraint.
Trend Micro has already found more than 375 questionable or outright malicious World Cup-themed apps, and more are sure to be offered while the sporting madness continues.
“The vast majority of these apps lurks from third party app stores, so users are advised to avoid them altogether or to be extra careful when reviewing apps they want to install from them. Installing a mobile security solution is also a good idea,” said Dhanya Thakkar, Managing Director, India & SEA, Trend Micro.
