Malicious Versions of Flappy Bird Game Send SMSs to Premium Rate Numbers

Unlike the legitimate version, the rogue apps ask for permission to read and send SMSs

By on February 11th, 2014 13:53 GMT

As expected, Flappy Bird’s popularity and the controversy surrounding the game are being abused by cybercriminals. Security experts have spotted several trojanized Android versions making the rounds online.

According to Trend Micro, most of the rogue versions of Flappy Bird for Android have been spotted on app markets in Russia and Vietnam. Although they appear similar to the original version, most of the fakes are designed to send SMSs to premium rate numbers.

Users can tell the malicious variants apart from the legitimate one if they’re careful when installing the apps. The trojanized Flappy Birds requests a larger number of permissions, including to read and send text messages.

Once the malicious variants are installed, they start sending messages to premium rate numbers. In addition to inflating phone bills, the rogue game also retrieves information such as phone number, Gmail address and carrier from the infected Android phones.

Other malicious Flappy Birds versions are designed to display a pop-up asking victims to pay for the game.

The threats receive instructions from the cybercriminals through the command and control servers. Trend Micro’s solutions detect the threats as ANDROIDOS_AGENT.HBTF, ANDROIDOS_OPFAKE.HATC, and ANDROIDOS_SMSREG.HAT.

Comments