Recently, more than 10 million users have been tricked into installing a fake application called “Updates for Samsung – Android Update Versions (Update for Samsung). It is known that this fake application will lead people use a website filled with ads and charge for downloading.
Koutsejs Kuprins, a malware analyst with CCIS Security Group, told ZDNet: “I contacted Google Play Store and asked them to consider removing this application.” At the same time, he also made a report on the shady behavior of the application.
Samsung devices have always had problems with updates, so bad guys took advantage of this flaw to create a phishing application. As a result, there are more than 10 million users in the trap.
Kuprins said: “Actually, it’s not possible to blame users when they go into the store to find an update after buying a new Android device. Vendors often release Android builds in small numbers, and it makes users encounter a lot of confusion to keep up. “
“Users may feel a bit difficult with system updates. This leads to confusion when using the app store to search for updates.”
The “Update for Samsung” app is committed to users who will solve the update problem for them by leading them to a website directly connected to Samsung. But according to Kuprins, this is a scam. This application is not affiliated with Samsung, it only uploads a website with the .com domain name in the WevView component (on Android browser) filled with ads.
Try reviewing the app reviews, we can see hundreds of users complaining that the site is full of ads, not helping them handle updates.
The site offers both system updates for Samsung in free and paid downloads, but after learning the source code of the application, Kuprins said that for free downloads, the site limits download speed to only 56KBps, making the download slow down and losing, not downloading completely.
Kuprins said: “Through tests, we found that downloading could not end, even when using a quality network package.”
But that is the purpose of these people, being unable to complete the free download pushed users to buy $ 34.99 high-end packages to download any file.
The problem is that this application does not follow the Play Store payment rules, they have their own payment channel. Instead of the security provided by Google’s payment system, this private payment channel opens up many risks of securing user information.
In addition to fake updates, the app also offers a SIM card unlock service for $ 19.99. However, it is unclear whether this is another fraudulent application or not.
However, this application is not malicious software, because it does not perform any destructive actions when there is no user license. It is simply a “scam”, “trick money” or “ad creation software” application.
Kuprins further confirmed with the ZDNet technology site that: “I haven’t found any malicious behavior of the app for the device. However, when the application works, it creates lots of pop-up ads. . “
Sharing about finding the app, Kuprins said he searched for “updated” keywords on Google Play Store to find bad apps and the “Samsung Update App” stands out on search results because of the amount settings that it owns. With 10 million downloads for a phishing application, this is definitely the perfect candidate for removing from the Play Store.