Security experts from Sophos warn users about several fake Android games hosted on Google Play. These apps don’t just help fraudsters make money, but some of them have also been found to collect information.
One of these applications, made by a developer called “abbaradon,” is called Plants vs Zombies. The app offered by this developer on Google Play has nothing to do with the popular game.
Instead, it’s a simple puzzle app that leverages the reputation of Plants vs Zombies to attract attention. The fake game generates an income for the fraudster by pushing all sorts of advertisements.
Besides the ads, the bogus app also installs search applications and modifies the browser’s homepage.
Another fake game published by the same developer is Pro Evolution Soccer (PES) 2012. It not only pushes adverts, but it also collects information such as phone number and email address.
In many cases, these games – advertised as free versions of the real thing – contain a license agreement of some sort which informs users about all these activities, but that doesn’t make it any better.
“Various advertising frameworks are being used by the apps, including Apperhand, Clicxap, Airpush and Startapp - presumably earning money for the developer who is bandying around apps on the Google Play store, pretending that they are free versions of popular games,” Sophos’ Graham Cluley explains.
Google is having a difficult time keeping the Play site clean. As a result, users must not only download apps from trusted sources, but they must also make sure that they’re verified.
For instance, the genuine versions of popular games have many reviews and a large number of downloads. In addition, they’re published by renowned companies, such as EA.
Furthermore, Android users are advised to install an antivirus application on their devices since, in many cases, security apps are capable of identifying malicious software.