Video Screencast Help
Security Response

More fraudware headaches for the Android Marketplace

Created: 09 Jan 2012 14:59:33 GMT • Updated: 23 Jan 2014 18:17:57 GMT • Translations available: 日本語
Peter Coogan's picture
+4 4 Votes
Login to vote

Contributors: Conor Murray, Paul Mangan.

Fraudulent apps appearing on the official Android marketplace is an ongoing issue and one that we have blogged about in the past.  Today we received reports of yet more fraudulent apps capitalizing on popular game titles and masquerading as these games. In this case, the apps are published under the name "Stevens Creek Software".

During installation of the fraudulent app, only one permission request is made for full Internet access. In the past, we have seen fraudulent apps looking for numerous unnecessary permissions during installation that may alert the user of the risks involved in installing the app. With just one permission request required by this fraudware during installation, it may seem less of a risk to potential victims. Once installed on the device, the app opens and brings you to a splash screen related to the installed fake app which asks you to finish the installation process by clicking on the button as seen below.

If a user clicks on the button, their Internet browser is opened and they are redirected several times until they arrive at a website advertising an online income solution.

Symantec has added detection for these fraudulent apps as Android.Steek. Google has also been notified in relation to their presence on the Android marketplace.  A tip to try to help in avoiding fraudulent apps is to check if the publisher of the paid and free versions is the same.