Friday, March 22, 2013
Candy Crush players warned vs ‘dubious’ Android apps
MANILA, Philippines — It was only a matter of time, but security experts have already issued warning against “dubious” applications trying to latch on to the success of Candy Crush, an Android game with Facebook integration that has already surpassed the likes of Farmville in terms of popularity in the social network.
In a security alert, Trend Micro Technical Communications Specialist Gelo Abendan warned that “dubious developers” have already started creating suspicious app that ride on the Candy Crush fame, which could become launchpads for malware attacks in the future.
Candy Crush Saga, a free mobile game developed by King.com, has amassed widespread popularity among users worldwide. It is a puzzle strategy game that requires players to connect matching “candies” to score points, and comes with a social component that makes the game a lot more addictive.
According to Abendan, Trend Micro was able to detect “adware” apps that contain code for the Leadbolt and Airpush ad networks, which were among the most prevalent form of adwares found in 2012.
“While not inherently malicious, adware can be abused by cybercriminals for their own gains. Adware not only uses aggressive advertising tactics such as persistent notifications, but also collects information about the user. This could be construed as a violation of the user’s privacy,” Abendan explained.
Some of the dubious apps detected by the security software company includes an app that offers tips and tricks for getting through the game, as well as another that recommends playing another game through persistent notifications. Trend Micro said the same kinds of apps have been detected for popular mobile applications such as Instagram, Bad Piggies, and Temple Run.
So as their device will not be hit with by one of the more than 1 million malicious Android apps predicted to hit devices this year, Trend Micro suggests taking extra security precautions when installing apps on their devices, such as reading thoroughly through the app’s description page.
“Comments can be a goldmine of information, since you’ll know what other users are saying about their experience with the app. Once you install any apps, make sure that you check out the permissions that they are asking for,” Abendan added.
Touted as the most insecure mobile platform today thanks to its “openness,” Android has become a breeding ground for malware in the past several years, especially with the ease of distributing apps through the Google Play Store.
In 2012, 293,091 apps on the Android platform were found to be malicious and of these, 68,740 were found on the official Google Play store. Around 22% of these malicious apps were found to leak information about the user.
Such developments are crucial in a market like the Philippines, where one out of every four mobile phones are powered by the Android platform, and where games such as Candy Crush Saga enjoy a huge following.
source: interaksyon.com