Scammers use innovative Google Play Store ploy to trick users

Be wary of those copycat apps

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Security researchers have discovered a host of applications available for download via theGoogle Play Storethat are imitating legitimate, well-known pieces of software. The fake apps, which collectively have more than 10 million downloads, subject users to a significant number of out-of-context ads.

During White Ops’ latest Satori Threat Intelligence and Research investigation, dubbed ‘CopyCatz,’ 164 apps were found mimicking notable apps in order to garner downloads. Once downloaded, the apps in question displayed either in-house ads or out-of-context interstitials.

“The Satori team discovered that these apps contain code capable of displaying out-of-context ads under the com.tdc.adservice package,” a White Ops blog postexplained. “The apps’ behavior is controlled by a command-and-control JSON hosted on Dropbox (Note: Dropbox is another victim, not a participant, in the CopyCatz operation). The URL of the JSON differs from app to app, but the structure is very similar, indicating the frequency of the ads and the Publisher ID to be used.”

The imitation game

White Ops found that many of the copycat apps went under names that were similar to the legitimate pieces of software that they were mimicking. For example, they identified an app titled, “Assistive Touch 2020,” which was clearly attempting to piggyback on the success of the genuine Assistive Touch app, an accessibility feature available for both Android and iOS platforms.

Although the fake apps did not try to cover their tracks, they did not always make it clear to users where the out-of-context ads were coming from. The interstitials that appeared excluded themselves from the system list of recently used apps and disappeared as soon as users navigated away from them.

If an individual suspects that they have downloaded a copycat app, it is recommended that it is deleted immediately. In addition, users are advised to always check the reviews carefully before downloading any piece of software as this will usually reveal any imitators.

ViaMediaPost

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.

Should your VPN always be on?

This new malware utilizes a rare programming language to evade traditional detection methods

This new phishing strategy utilizes GitHub comments to distribute malware