Scammers take advantage of Flappy Bird’s death to push Android malware

Scammers take advantage of Flappy Bird’s death to push Android malware

Unless you’ve been living under a rock, you’re probably well aware that the popular mobile game Flappy Bird was pulled this past weekend by its developer Dong Nguyen for being “an addictive product.” Countless fake apps have since sprung up, and unfortunately scammers have already figured out how to monetize the game’s demise.

Sophos has found infected versions of Flappy Bird in alternative Android markets (users need to sideload these apps, but as always, that hasn’t been a deterrent for most). One such fake app is a “trial version” that demands you send a text message (to a premium number, of course) and won’t let you completely quit the app until you do.

Trend Micro also found fake Android apps, which it says are especially rampant in app stores across Russia and Vietnam. While these behave exactly like the original app (they’re not trial versions), they also stealthily connect to a Command and Control server through Google Cloud Messaging to receive instructions.
These are for sending text messages, hiding the resulting notifications, as well as for transmitting over the user’s phone number, carrier, and Gmail email address registered with the device.

These are very basic threats, and ones we’ve seen on Android before. Thankfully, they won’t do that much damage to your Android phone or tablet, but that doesn’t mean you should still go out looking for the game.

In short, Flappy Bird is dead, but the scams are only beginning. Our advice is the same as always when it comes to Android malware: stick to Google Play and only install apps that you know are safe.

See also – First Android bootkit malware spotted; reportedly found on over 350,000 mobile devices, most in China and Android malware emerges on Google Play which installs a trojan on your PC, uses your microphone to record you

Read next: Update: Microsoft says changes to China-related Bing searches were an error, not censorship