Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Response

Thieves in the Temple: Android.Opfake Makes Another Run

Created: 16 May 2012 17:35:36 GMT • Updated: 23 Jan 2014 18:15:36 GMT • Translations available: 日本語
Irfan Asrar's picture
+3 3 Votes
Login to vote

The Opfake gang can be called many things but “lazy” isn't one of them. In the digital age we live in, they are taking the analog art of social engineering to new heights. Several dummy sites have been established, acting as a front for the distribution of popular game titles.

All of the front-end sites connect back to a central back-end site that acts as a file generator or repository. The following list includes some front-end sites we have identified so far:

  • [http://]www.fruitninjaandroid-apk.ru
  • [http://]www.flashplayerandroid-apk.ru
  • [http://]www.cuttherope-android-apk.ru
  • [http://]www.cuttherope-experiments-apk.ru
  • [http://]www.cuttherope-apk.ru
  • [http://]www.angrybirds-android-apk.ru
  • [http://]www.jellydefense.ru
  • [http://]www.templerun-android.ru

 

 

You’ve got to love the fact that they are now showing actual screenshots from a device playing the game in an attempt to get people to believe that the game is a legitimate copy.

Users should always pay attention to the permission requests when installing apps and, when in doubt, check for the official developer’s website for an official download link. In my next blog, Android Apps Get Hit with the Evil Twin Routine: Part 2, we will take a closer look at the common tricks that we have seen being used by dodgy apps and how to avoid them.