Recently we had blogged about a fake WhatsApp app on Google Play. And soon after we started observing more fake apps getting hosted on Google Play. Interestingly, these fake apps were having good ratings and download count which clearly suggest the growing trend of fake apps in the Android world. These fake apps look like their official counterparts but they have some malicious intent. They might steal user data, display unwanted ads, push down the ratings or downloads of popular apps. These fake apps basically piggyback the popularity of genuine apps to fool users. This post discusses two fake apps observed by Quick Heal Security Labs.
Package name: net.pandoplus.android
Size: 3.3 MB
Pandora is a famous app for listening to online songs and is available for Android and iPhone devices. Below is a screenshot of a fake Pandora app that recently emerged on Google Play.
The fake Pandora app is named as ‘Pandora plus’. After installation, it asks the user to register and provides customizable music options which the user wishes to listen. If the user taps on the ‘Next’ button, they get redirected to a webpage where the user has to rate 5 stars to get a pin code which is required to start the music app.
But, even if the user gives 5 stars, the whole process is repeated in a loop and the user never receives the pin code.
So, the aim of the fake app’s developer was to get a high rating as well as the download count through this app.
The fake Pandora app’s rating is 4.8 which is more than that of the original app. It has been removed from Google Play.
The fake app ‘Pandora plus’ was reported to Google Play for removal by Quick Heal Security Labs.
Quick Heal detection
Avast Internet Security
Package name: com.app.avast.anti.spiapp.geektop
Size: 4.3 MB
We detected another fake app that was present in Google Play bearing the name ‘Avast Internet Security’.
This fake app was described as ‘Avast Internet Security latest version for limited users’ on the Google Play. This was to trick users into thinking that this is a new app from Avast and should be downloaded soon. Even this app has been removed from Google Play.
Quick Heal detection
- Never rate an app before using it. Remember, a genuine might request you for a rating but would never force you to do so. Beware of apps that strongly ask you for your rating even before you can access them. These are mostly malicious or fake.
- Before downloading any app, check its reviews. It might have acquired fake ratings as we saw in the case of the fake Pandora app.
- Install a reliable mobile security on your phone that can block the installation of fake and malicious apps.