Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Contact Centers Business Intelligence More Topics...
Druva inSync Free Trial
Druva inSync with DLP, analytics & secure file sharing.
www.druva.com/inSync-Trial
You are here: Home / Network Security / Fake Flappy Bird Steals Money
Is your endpoint data protected?
Fake Flappy Bird Will Peck a Hole in Your Wallet
Fake Flappy Bird Will Peck a Hole in Your Wallet
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
12
2014



Flappy Bird is making massive headlines this week after its creator took the game down because it was so addictive. Gamers started looking for the popular app elsewhere and some got more than they bargained for: malware.

Cybercriminals are taking advantage of Flappy Bird flying away and are pushing out clones that contain malicious software. It’s reportedly hard to tell the difference between the real game and the fake. But the phony apps are sending expensive text messages using a victim’s phone number.

“All of the fake versions we’ve seen so far are premium service abusers -- apps that send messages to premium numbers, thus causing unwanted charges to victims’ phone billing statements,” Veo Zhang, a mobile threats analyst at Trend Micro, wrote in a blog post. “The fake Flappy Bird app asks for the additional read/send text messages permissions during installation -- one that is not required in the original version.”

How it Works

While the user is busy playing the game, this malware stealthily connects to a C&C [command & control] server through Google Cloud Messaging to receive instructions, Zhang reports. Trend Micro’s analysis of the malware revealed that through this routine, the malware sends text messages and hides the notifications of received text messages with certain content.

“Apart from premium service abuse, the app also poses a risk of information leakage for the user since it sends out the phone number, carrier, Gmail address registered in the device,” Zhang said. “Other fake versions we’ve seen have a payment feature added into the originally free app. These fake versions display a pop up asking the user to pay for the game. If the user refuses to play, the app will close.”

A Viral Marketing Boost

Paul Ducklin, a security researcher at Sophos, said allowing "off-market" app installs is a non-default option, and it produces a fairly stern warning from Google if you try to activate it. Ducklin said that the original Flappy Bird was free, with no trial period or fee, and the author made his money through ads presented by the game, not by selling the app.

“But, like writers, musicians and artists whose popularity surges when they die, Flappy Bird enjoyed a bigger-than-ever viral marketing boost upon its demise,” he wrote in a blog post. “So it's possible, even likely, that otherwise conservative users have been turning on the ‘unknown sources' feature so they can take a belated look at what the Flappy Bird fuss is all about.”

Using Common Sense

We caught up with Graham Cluley, an independent security analyst in London, to get his take on the latest Flappy Bird news. He told us it’s always better to buy Android apps directly from the official Google Play store -- and this is a good example of why.

“Although there have been cases of malware and shady apps getting into the official store, generally it's a lot safer to download Android apps from there than elsewhere. Wherever you source your Android apps from, always check the permissions that your app requests,” he said.

“You should ask yourself, would a simple game really need to send -- potentially expensive -- SMS messages? A little common sense can go a long way,” he added.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY BE OF INTEREST
IT departments are embracing cloud backup, but there's a lot you need to know before choosing a service provider. Learn all the critical things you need to know by accessing the white paper, "5 Things You Didn't Know About Cloud Backup". Access the White Paper now.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Russian Gang with Stolen IDs Hacks Hosting Company
In August, a Russian cyber gang obtained what researchers called “the largest cache of stolen data." Now, those hackers may be putting their ill-gotten gains to criminal use.
 
Dairy Queen Latest Retailer To Report Hack
Known for its hot fries and soft-serve ice cream, Dairy Queen just made cyber history as the latest victim of a hack attack. The fast food chain said that customer data at some stores may be at risk.
 
Lessons from the JPMorgan Chase Cyberattack
JPMorgan Chase is investigating a likely cyberattack. The banking giant is cooperating with law enforcement, including the FBI, to understand what data hackers may have obtained.
 

Enterprise Hardware Spotlight
AMD's New FX Series CPU Breaks Processing Speed Record
The new FX-8370 processor from Advanced Micro Devices has set a record for silicon processor speed, the company announced. Overclocked, the eight-core chip was measured at 8722.78 MHz.
 
Intel Intros Lightning-Fast PC Processors
Call it extreme. Intel just took the covers off its first-ever eight-core desktop processor, which is aimed at hardcore power users who expect more than the status quo from their computers.
 
HP Previews ProLiant Gen9 Data Center Servers
Because traditional data center and server architectures are “constraints” on businesses, HP is releasing new servers aimed at faster, simpler and more cost-effective delivery of computing services.
 

Mobile Technology Spotlight
Rumor Mill Puts Mobile Wallet in iPhone 6
Apple is moving toward the mobile wallet world with its next iPhone. The tech giant has partnered with retailers, banks and major payment networks to make it happen, according to Bloomberg.
 
Will iPhone Finally Catch Up with NFC Mobile Payment Ability?
Apple's latest version of the iPhone may have a mobile wallet to pay for purchases with a tap of the phone. The iPhone 6 reportedly is equipped with near-field communication (NFC) technology.
 
Visual Search To Shop: Gimmick or Game Changing?
Imagine using your phone to snap a photo of the cool pair of sunglasses your friend is wearing and instantly receiving a slew of information about the shades along with a link to order them.
 

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Contact Centers | Business Intelligence | Sales & Marketing | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.