ESET has reported more than 30 fake programs that mimic Minecraft or cheat programs on the Google Play store. The forgeries are said to have been downloaded up to 2.8 million times.
Recall that in 2011, Google introduced a special protective service Bouncer in the app store, which reduced the volume of malware by 40%. In March 2015, the company announced that downloadable applications will be validated with human resources. However, the fraudulent campaign disclosed by ESET proved that the efforts were not enough.
The first Minecraft fakes were uploaded to the store in August 2014. Since publication, they have received low user ratings and negative comments. However, according to Google Play statistics, some of them have been downloaded from 100 to 500 thousand times. Only after ESET representatives approached Google, the malicious applications were removed from the store.
All malicious applications detected by ESET specialists showed similar behavior. They differ only in the names and design of the icons, which correspond to their counterparts in Minecraft. The fakes are uploaded to Google Play from different accounts, but experts believe that the same person or group of people is behind their development.
After launching the fake Minecraft, its start screen consists almost entirely of banner ads. The language of the text adapts depending on the location of the user. ESET points out that this approach is often used in another malware family – ransomware encryptors.
Any attempt to interact with the application results in a pop-up window that warns the user of a 'dangerous virus infection'. By clicking on the banner, the user is taken to a site that imitates the legitimate site of an anti-virus company. There he is asked to activate an antivirus solution via SMS at a cost of 4.80 euros per week.
At the end of the operation, the malicious application generates a special SMS message. The user is prompted to activate the antivirus protection by sending SMS. After that, the victim will be subscribed to the paid mailing list.
In such cases Android, users are advised to pay attention to ratings and reviews of applications on Google Play, not to download software on third-party sites.