1 Million Android Users were infected by Gaming Apps

Pierluigi Paganini July 13, 2015

Researchers discovered a malicious Android Trojan disguised as gaming app that was served through the official Google Play more than 1 Million times.

We already explained that Google Play Store was abused several times to serve malicious applications, a practice that is very common and everyday new bogus apps are proposed on the official store despite Google promptly remove them.

This time researchers discovered a malicious Facebook-Credentials-Stealing Trojan disguised as an Android game, the problem is that the malicious app has been downloaded around 1 Million times, making one of the more successful malicious apps in Android.

The malicious “games” are named “Cowboy Adventure” and “Jump Chess” and when this article was written the apps had been already removed from Google Play Store, but, before that may have compromised many Facebook accounts, since this malicious app steals Facebook credentials.

“Cowboy Adventure” and “Jump Chess” were developed by Tinker Studio and their purpose are to gather social media credentials.

About “Cowboy Adventure”, once it is installed the game will ask for a Facebook login window( fake) and will ask users for their username and password, the thing where is that normally users don’t suspect this, because nowadays many applications/games require the Facebook’s credentials,  using the principle of Single Sign on.

malicious Android app CowboyAdventure

If the user inserted his Facebook’s credentials, the app will send the credentials to the attacker’s server.

If you are, dear reader, downloaded one of these apps, you need to change your Facebook password immediately and any other applications that you used with the same credentials.

As many defend, this wasn’t an innocent mistake made by Tinker Studio, it looks clear that this was made intentionally to steal Facebook credentials.

Please when downloading an Android APP keeps always in mind:

  • Download apps from official sources
  • Before download, read users’ reviews, in the case of “Cowboy Adventure” users said that the game locked their Facebook accounts.
  • Install in your smartphone a malware scanning software, from known companies
  • Use two-factor authentication in such services like Facebook, email, etc. etc.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Edited by Pierluigi Paganini

(Security Affairs – Android, malicious apps)



you might also like

leave a comment