Security researchers at TrendMicro have spotted some fake applications that are used by cybercriminals. These malicious apps themed with the world cup running at the moment in Brazil. The applications are hosted on third party stores and targeting smartphones and tablets.
The first case is an application called App Fakery a fake world cup game which is an Android malware that subscribes victim to premium services, Also it sends user sensitive information including contact list and inbox messages. It will also install few shortcuts on the home screen. Obviously by installing the malware there will be no football game.
The second case is another android malware that is circulating to steal SMS from smartphone devices, this will create a remote connection with C&C server to make the phone part of a botnet and allow cybercriminals control victim device. This may lead to install another piece of malware that are hosted on internet.
Another reported case is a Trojan that target Android system and will subscribe victim to premium services which will make them charged and paying fees to services without their knowledge. The last and not least is a World Cup slot game app that will infect Android and this malicious application will filter certain messages that inform user of payments so he will not be aware of his spending.
While you enjoy the world cup make sure to verify the sources of application you install on your system. Some of the security measures are:
- Read the release notes of the application and make sure that it is still supported with constant security updates
- Check the online review and avoid application that have negative reviews
- Check the permission required for the application that Google provide for end user, avoid application that ask for full access
- Install a security software with the latest definition to protect your system
- Avoid applications with low number of download as this indicate that it is not tested by many user