Trend Micro has discovered the fake Flappy Bird app on Google’s Android Play Store. The malicious app asks for the additional read/send text messages permissions during installation, something that is not required in the original version.
All of the fake versions of Flappy Bird were so far premium service abusers, apps that send messages to premium numbers, thus causing unwanted charges to victims’ phone billing statements. Apart from premium service abuse, the app also poses a risk of information leakage for the user since it sends out the phone number, carrier, Gmail address registered in the device.
Dhanya Thakkar, Managing Director, India & SAARC, Trend Micro said “ The original Flappy Bird has been officially taken off the mobile app stores, but hackers have reportedly released knock-offs of the ‘addictive’ game, containing spam, to trick users into sending premium rate text messages.”
Trend Micro researchers find out that the fake apps were most prominent in stores targeted at users in Russia, as well as Vietnam.