ESET researchers say they discovered fake versions of Prisma, a popular photo transformation app, on the Google Play Store.
According to the researchers, the fake apps lure users into providing personal information or subscribing to bogus and costly services including several dangerous Trojan downloaders.
According to the technology security company, before the Prisma copycats was removed at ESET’s notice, it had recorded over 1.5 million downloads.
[quote font=”georgia” font_size=”22″ font_style=”italic” align=”left” arrow=”yes”]According to the technology security company, before the Prisma copycats was removed at ESET’s notice, it had recorded over 1.5 million downloads.[/quote]“Most of the fake Prisma apps found on Google Play didn’t have any photo editing functionality; instead they only displayed ads, warnings, or fake surveys, luring the user into providing personal information or subscribing to bogus and costly SMS services,” Lukas Stefanko, ESET Malware Researcher discloses.
ESET however said that before the official release date, fake version appeared on the Google Play Store, riding the wave of user’s impatience.
”The most dangerous Prisma apps found on Google Play were Trojan Downloaders detected by ESET as Android/TrojanDownloader.Agent.GY. These apps sent device information to the C&C server, and on request, download additional modules and execute them.”
As a results of its download capabilities, the Android/TrojanDownloader.Agent.GY family of malware poses a serious risk to more than 10,000 Android users who installed these dangerous apps before being pulled from the Google Play Store.
“It was clear that the Prisma app would be eagerly awaited by the Android folks, given its popularity on the iOS platform. Such situations often attract bad guys who put out fake apps either copycats or various derivatives, from tutorials to cheats – on Google Play to ride the wave of excitement”, he adds.
ESET experts recommend that Android users follow the most basic rules for ‘Android application hygiene’, stating that users should only download from reputable sources.
They also advise the checking of user reviews and focus on negative comments, “keeping in mind that positive ones may be fabricated,” adding that they should read the App’s terms and conditions, with an emphasis on its permissions.
In addition, they suggest the use of quality mobile security solutions and there is need to be more careful than usual as they are likely to discover copycats along with the original app. As such, users should thoroughly check the App name and developer’s names.