Quick Heal Security Lab has spotted few FakeApps with more than 50,000+ installations on Google Play Store. These applications appear to be genuine as a PDF reader, PDF Downloader, PDF Scanner etc., but don’t have such functionality. The main purpose of these apps is to increase the download count of other applications and improve their ratings.
Fig 1. List of applications present on Google Play Store.
These applications prompt users to download and rate 5 stars to sponsor apps in order to unlock this application. After installation of other applications and ratings, the user will be able to use the PDF reader after 24 hours. But after 24 hours, the same loop starts. It asks users to log in with some created password and asks them to download the same application to unlock the application.
Fig 3. PDF converter with 50k+ downloads count
Fig 3. Login page and sponsored app download applications.
The application just loads a URL “https://shar*********.blogspot.com/p/index.html” and displays the above webpage. It does not have any permissions in the manifest related to a PDF reader or converter.
The basic intention of this application is to increase the download count and good rating of sponsored apps. The sponsored application also does the same thing. In order to use other applications, first user should rate and download sponsored app. This is the trick of the author to increase the download count to earn revenue in the easiest way.
Users should be careful while downloading such fake applications. User can easily recognize it by going through review. We have reported these applications to Google.
Fig 4. Users review.
Here is the list of package name with MD5 :
Package Name |
MD5 |
com.frenzy.live |
8d9bb39840bcf8c751418cb691eb8893 |
com.shartel.pdfebookconverter |
46d45604a170a22a113d8f645ebca62c |
com.shartel.pdfebookreader |
71b392ffa80e96d63dfd08410cbd5b3d |
com.shartel.pdfebookdownloader |
b1e787f0ad43a1ccead89071d8532725 |
com.shartel.pdfscannerocr |
dd519b9901cd544e0016331ccf666670 |
Quick Heal Detection
Quick Heal detects this application as :
Package Name | Detection Name |
com.frenzy.live | Android.Fakeapp.A3f8f |
com.shartel.pdfebookconverter | Android.Fakeapp.A3f93 |
com.shartel.pdfebookreader | Android.Fakeapp.A3f90 |
com.shartel.pdfebookdownloader | Android.Fakeapp.A3f91 |
com.shartel.pdfscannerocr | Android.Fakeapp.A3f92 |
How to stay safe from fake mobile apps
1. Check an app’s description before you download it.
2. Check the app developer’s name and their website. If the name sounds strange or odd, you have reasons to suspect it.
3. Go through the reviews and ratings of the app. But, note that these can be faked too.
4. Avoid downloading apps from third-party app stores.
5. Use a reliable mobile antivirus that can prevent fake and malicious apps from getting installed on your phone.
1 Comment
Wow…nice article Ms. Rupali.
Keep up the good work.