NEWS FROM THE LAB - Friday, December 23, 2011

Impostor Apps in the Android Market

Posted by ThreatSolutions @ 09:51 GMT

There seems to be a growing practice where malware authors boldly give their malware package names and icons similar to those of popular apps, and then publish it on the official Android Market. Unsuspecting users might download this malware under the false pretense that they are getting the free/lite version of a legit app.

Similar to the practice employed by Logastrod and Miriada Production, Eldar Limited published its malware disguised as the free versions of the Cut the Rope and Assassin's Creed apps. The only problem is that a simple search on the Android Market doesn't return any results for a free version of Cut the Rope. Perhaps the free version simply doesn't exist for the Android platform, but there is a free Cut the Rope Lite for iOS. This is where users might get confused and fall prey to this tactic.

[Image: Eldar Limited, Android Market]

Google's app police managed to detect this fraud and quickly removed it from the Android Market. While the apps are still listed on AppBrain and AndroidZoom, the links will direct users back to the official Android Market where they have already been removed.

[Image: Eldar Limited, AppBrain]

[Image: Eldar Limited, AndroidZoom]

A useful tip for users out there is to search for the paid version of the app and take note of the developer's name. If the name on both paid and free versions matches, then it is very likely to be a safe app. Otherwise, don't proceed with the download.
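The developer-name check from the tip above, automated over a set of store listings. This is an added example, not code from the original post; the listings are constructed sample data, and the fuzzy title matching with its 0.85 threshold is an assumption made here for illustration.

```python
import difflib
import re

# Words that impostor listings typically add to a well-known title.
EDITION_WORDS = {"free", "lite", "full", "hd", "pro", "paid"}

def normalize_title(title):
    """Lower-case a title and drop edition words and punctuation."""
    words = re.findall(r"[a-z0-9]+", title.lower())
    return " ".join(w for w in words if w not in EDITION_WORDS)

def normalize_developer(name):
    """Compare developer names ignoring case, spacing and punctuation."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

def check_listing(candidate, known_apps, threshold=0.85):
    """Return (verdict, matched_title) for a candidate listing.

    verdict is 'developer-match', 'developer-mismatch' or 'no-reference'.
    """
    cand_title = normalize_title(candidate["title"])
    best, best_score = None, 0.0
    for ref in known_apps:
        score = difflib.SequenceMatcher(
            None, cand_title, normalize_title(ref["title"])).ratio()
        if score > best_score:
            best, best_score = ref, score
    if best is None or best_score < threshold:
        return ("no-reference", None)  # nothing to compare against
    same = (normalize_developer(candidate["developer"])
            == normalize_developer(best["developer"]))
    return ("developer-match" if same else "developer-mismatch", best["title"])

# Constructed sample data: neither the titles nor the developers are real.
KNOWN_PAID_APPS = [
    {"title": "Rope Puzzle", "developer": "Example Studio Ltd."},
    {"title": "Castle Runner HD", "developer": "Sample Games"},
]
CANDIDATES = [
    {"title": "Rope Puzzle Free", "developer": "Another Publisher"},
    {"title": "Castle Runner Lite", "developer": "sample games"},
    {"title": "Weather Widget", "developer": "Unrelated Dev"},
]

if __name__ == "__main__":
    for listing in CANDIDATES:
        print(listing["title"], "->", check_listing(listing, KNOWN_PAID_APPS))
```

A `developer-mismatch` verdict corresponds to the "don't proceed with the download" case in the tip; `no-reference` means no similarly named paid app was found to compare against, so the check says nothing either way.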