In our daily monitoring of the mobile threat landscape, we found a copy of the game Temple Run in the Android Market. Temple Run is a popular game app currently available for iOS only. I checked the app and immediately noticed something odd about it. I decided to analyze it to check if my doubts had any basis.
This copy of Temple Run (or so it claims) is seen as available on the Android Market. But if you’ll check the information on the game developer, you’ll see that it is not the same developer as the one in indicated in the iOS version, which is Imangi Studios.
Once the application is installed and run, it creates shortcuts on an infected smartphone’s homepage.
If the Android-based device has Facebook installed, it asks the user to share the fake app on Facebook before playing the game. It would also prompt the user to rate the application in the Android Market.
It also is capable of displaying ads using the mobile notification.
Once user has shared and rated the app, it displays a countdown of the app’s release instead of showing the actual game. We classify this type of app as malware because of its aggressive advertising method. Trend Micro currently detects this fake Temple Run app as ANDROIDOS_FAKERUN.A.
We reported this to Google and they immediately removed it from the Android Market. We have since then found other apps doing a similar trick, so users should always be cautious of downloading apps onto their mobile devices.
The usage of popular games is not really new, as we’ve already encountered other Android malware that have used them to hide their malicious activities:
- New Android Malware on the Road: GoldDream “Catcher”
- Trojanized Android App Checks for Keywords in SMS Messages
Imangi Studios, the developer of Temple Run, announced that they will release the Android version of the game this February 2012. Users can monitor updates about the release via the apps legitimate developer/fan page.
With more than 10 billion app downloads last year from the Android Market, the Android OS is undoubtedly one of the most popular mobile platforms around. Naturally, its popularity makes it a likely target for cybercrime. In our 12 Security Predictions for 2012, we are expecting that smartphones, tablets and particularly the Android OS will suffer more attacks this year.
Users need not worry as their mobile devices are protected from this threat with Trend Micro Mobile Security via pattern 1.187.00. Trend Micro Mobile Security is powered by the Trend Micro™ Smart Protection Network™.
On the other hand, to avoid being tricked into downloading fake apps, users may follow the tips we shared in our post, Checking the Legitimacy of Android Apps, as well as the information in our Mobile Threat Information Hub.