FaceApp in the crosshairs of fraudsters – fake versions install malware

Share:

The creators of FaceApp have another problem. The controversial application served as a cover for numerous fraudsters publishing copies of the program with “bonuses” for users in digital distribution stores and on various sites.

The FaceApp application has recently gained considerable publicity. Only that it results not only from using it as part of another fashion for the so-called challenges, but controversial provisions in the user agreement, in which – in a nutshell – the creators of the program somehow wash their hands of the responsibility for the data of people using it. Nevertheless, the matter is debatable, which cannot be said about another threat associated with the FaceApp Challenge craze. There have been reports of a real avalanche of FaceApp clones impersonating the original application.

The Kaspersky Lab team noticed the first counterfeits on July 7, which only about two unique users found for two days. On the other hand, representatives of the Promon company indicated (we follow the Forbes newspaper) that the reason for this is the lack of FaceApp protection against – as it was defined – “repacking attacks”. This refers to downloading the original program and modifying it for your own purposes and then making it available in digital distribution stores or on .apk file pages under the name of the original application. As you can guess, the “creators” of FaceApp clones are unlikely to be at the heart of users’ welfare. According to Igor Gołowin, a cybersecurity researcher at Kaspersky Lab, users who install one of these fakes receive a gift in the form of malware called MobiDash. When we try to run the application, we receive an error message and supposedly uninstall it from our device. However, the program still runs in the background and displays ads without the user’s consent.

This is not all. ESET posted a warning on the WeLiveSecurity website against sites offering an extended version of FaceApp. In fact, scammers force the flood of offers encouraging to buy paid applications, subscriptions, surveys, ads, etc. In addition, users receive requests to enable notifications from various sites, which – surprisingly – translates into receiving information about subsequent questionable occasions. Advertising has also been reported about fictitious FaceApp Pro on YouTube. Videos promoting the program are placed along with short links, referring not to the alleged premium version, but to programs installing subsequent applications. One of these types of links was clicked 96,000 times, and although this does not translate into installations enough, it indicates considerable interest of Internet users.

https://topantiviruslist.com/category/antivirus-for-android/ – Install good antivirus for android

Using the popularity of mobile applications to distribute ads and viruses is nothing new. Pokemon GO and Fortnite have a crowd of followers and installation files with “gifts” for careless users (via articles by Kaspersky LAB and Malwarebytes Labs). That is why, together with other services, we urge you not to download applications from unknown sources as much as possible, and carefully check the required permissions before installing them, as well as the name of the manufacturer and user comments in the store. Another thing is whether you want to install FaceApp itself in the light of still unresolved doubts about the use of private data by the creators.