Bad Pigs removed from Google Play after 10k users download bogus app

Share this article:
"Bad Pigs" removed from Google Play after 10k users download spurious app
"Bad Pigs" removed from Google Play after 10k users download spurious app

Scammers planted a malicious app in the Google Play store for Android users and designed it to look like a popular app called Bad Piggies.

The spurious app, called Bad Pigs, shows the same photo as the legitimate app when searched in Google Play. Bad Piggies is a spinoff game for fans of the Angry Birds app.  

Bad Pigs has been installed more than 10,000 times since May 25, a concerning rate given the fact that the app redirects users to unwanted ads, including one that links to a fake anti-virus scan that charges users €15 a week (or about $20) for the service, Sean Sullivan, a security adviser at Finnish security firm F-Secure, said in two blog posts this week.

The anti-virus ad is written in Finnish and also directs users to enter their phone number, which can be used for future malicious acts.

In addition, the app can gain numerous permissions on mobile devices, including creating desktop icons that link to ad sites, displaying ads in the Android notification bar, and creating bookmarks in the user's browser. The app can also access users' browsing history, determine their location via GPS and access other account information, including email addresses.

Dan Stokes is listed as the developer of Bag Pigs, as opposed to Rovio Mobile, the maker of the legitimate Bad Piggies game. The contact email for Stokes was hgfdhsdgjhd [at] gmail.com, another red flag, Sullivan said.

Under Stokes' page, two other apps for Android named Fruit Chop Ninja and Paper Toss 2 were also listed.

In a Friday email to SCMagazine.com, a Google spokeswoman confirmed the apps in question were removed from the Google Play store.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.