There is a rise in the amount of malware-laced apps for Android as more repackaged software is present in unofficial marketplaces offering content for the mobile platform.
The trend is most apparent in Chinese app stores, but it is also in other global regions as well.
Bad guys rely on two separate tactics, both having roughly the same objective: Tricking the user into installing software that can lead to financial damage or at least to extreme annoyance, said researchers at Trend Micro.
“First, foreign apps that have been localized or repackaged by Chinese companies and used for various schemes. Secondly, paid/premium apps can be repackaged by pirates to produce a ‘free’ version that contains ads or other added code. In either case, there is a risk that the repackaged code may be malicious,” said Veo Zhang, mobile threat analyst at Trend Micro, in a blog post.
Some companies contracted by the original developers to localize an app may include code for displaying advertisements and collecting the money themselves, he said. In some cases, users may end up tricked into clicking a button that makes a payment via SMS.
Zhang said the ads can collect the location of the user, the phone model and the list of installed apps without users’ consent, or even intercept payment notices.
In the business of repackaging paid apps, attackers tamper with them in order to show the victim a never-ending cycle of advertisements for different services, software part of affiliate marketing schemes or spyware that looks like a security app that asked for root privileges, as Zhang found in his research.
In one instance, the researcher found an altered version of the Monument Valley game that included an advertisement library and promoted fake messages that led to scams luring the potential victim with purchase offers for mobile devices, iPhone included, for only $100.
The user ends up asked for personal details like name, phone number and address. This information then ends up used to call the user and demand a prepaid shipping fee.
Zhang conducted the research based on the lists of the most popular apps, many of them repackaged, available at major Chinese app stores. Getting to top positions ends up influenced artificially through fake downloads and commercials.