Mobile malware on the rise, another case has been detected by Trend Micro Lab that targets Android smartphones. Attackers used Temple Run a widely used game application to spread and attract users to their malicious software.
The most interesting is that the application is available on Android Market which is a kind of virtual supermarket for android devices, so you will find free/paid applications or games. Now I have searched for Temple Run to find hundreds of results that match the game, so this proves that there is no verification for files uploaded.
By running the malicious game, user will have a new shortcut, malware starts searching for Facebook application to oblige victim to share it on his profile with his friends and having the game running. Obviosly this will not be enough without rating the application positively on Android Market, so others will know that victim have been very happy with the new malware.
After all these steps victim will be waiting for at least play the game but he will receive the following message “Unfortunately, The Android version of Temple Run has not been released yet! Here is a countdown for the official release…” I think that this is not honest, I would urge criminals for at least adding Tetris and not keeping customers without any game.
Trend Micro detects the malware as ANDROIDOS_FAKERUN.A but it is now clear that many malware writers are attracted by Android for system usability and popularity.