More than 10 million users have been tricked into installing a completely fake Samsung app named ‘Updates for Samsung’ that promised them firmware updates. In reality, it took users to an ad-filled website and charged them for firmware downloads.
The app took advantage of the difficulty users had in getting firmware and OS updates for Samsung phones, which explains its large number of downloads.
In an interview, Aleksejs Kurpins, a malware analyst at the CSIS Security Group, said: “I have contacted the Google Play Store and asked them to consider removing this app.”
“It would be completely wrong to judge people for mistakenly going to the official application store for the firmware update after buying an Android device,” a security researcher said. “Vendors bundle their Android operating system builds with an intimidating amount of software, which can easily get confusing for so many users out there.”
“A user can be easily lost in search of the [system] update procedure and can ultimately make the mistake of going to the application store in search of a system update.”
The “Updates for Samsung” app promises to solve this problem for non-technical users by providing a single centralized location where Samsung phone owners can get their firmware and OS updates.
The website users land on offers both free and paid (legitimate) Samsung firmware updates, but it doesn’t end there. After digging through the app’s source code, Kurpins said the website limits the speed of free downloads to 56 Kbps, which ultimately causes the downloads to time out.
Kurpins said, “During our tests, we too have observed that the download doesn’t finish, even while using a reliable network.”
Once the free downloads have failed, the app pushes users to purchase a $34.99 premium package in order to download any files.
The problem is that the app breaks Play Store rules and, on top of that, uses its own payment system rather than the one provided by the store itself. Users who pay this way are exposed, since their payment data is being logged by a third-party app. The app also offers a $19.99 SIM card unlocking service, which, as far as we know, is another money grab.
A Complete Fraud, That’s What It Is
As for whether the app is malware, we don’t think it is, as it does not perform any malicious actions whatsoever.
“I haven’t found the app to perform anything malicious on the device that I used,” Kurpins confirmed in an interview. “However, when the app is open, it tends to show so many full-screen ads, almost every single time when you tap on the screen.”
Given that the app has more than 10,000,000 installs, Google needs to disable it on the Play Store.