Enterprise Intrusion Analysis, Part One

Responding to a Brute Force SSH Attack

Data Recovery on Linux and <i>ext3</i>

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

WiMax: Just Another Security Challenge?

Time to Squish SQL Injection

Lazy Workers May Be Deemed Hackers

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

The Scale of Security

Hacker-Tool Law Still Does Little

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Vulnerability Summary for the Week of January 30, 2012

Vulnerability Summary for the Week of January 23, 2012

"Anonymous" DDoS Activity

Vulnerability Summary for the Week of January 16, 2012

Vulnerability Summary for the Week of January 9, 2012

Microsoft Updates for Multiple Vulnerabilities

Vulnerability Summary for the Week of January 2, 2012

Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack

Vulnerability Summary for the Week of December 26, 2011

Vulnerability Summary for the Week of December 19, 2011

In our daily monitoring of the mobile threat landscape, we found a copy of the game Temple Run in the Android Market. Temple Run is a popular game app currently available for iOS only. I checked the app and immediately noticed something odd about it. I decided to analyze it to check if my doubts had any basis.

This copy of Temple Run (or so it claims) is seen as available on the Android Market. But if you’ll check the information on the game developer, you’ll see that it is not the same developer as the one in indicated in the iOS version, which is Imangi Studios.

Once the application is installed and run, it creates shortcuts on an infected smartphone’s homepage.

If the Android-based device has Facebook installed, it asks the user to share the fake app on Facebook before playing the game. It would also prompt the user to rate the application in the Android Market.

It also is capable of displaying ads using the mobile notification.

Once user has shared and rated the app, it displays a countdown of the app’s release instead of showing the actual game. We classify this type of app as malware because of its aggressive advertising method. Trend Micro currently detects this fake Temple Run app as ANDROIDOS_FAKERUN.A.

We reported this to Google and they immediately removed it from the Android Market. We have since then found other apps doing a similar trick, so users should always be cautious of downloading apps onto their mobile devices.

The usage of popular games is not really new, as we’ve already encountered other Android malware that have used them to hide their malicious activities:

• New Android Malware on the Road: GoldDream “Catcher”
• Trojanized Android App Checks for Keywords in SMS Messages

Imangi Studios, the developer of Temple Run, announced that they will release the Android version of the game this February 2012. Users can monitor updates about the release via the apps legitimate developer/fan page.

With more than 10 billion app downloads  last year from the Android Market, the Android  OS is undoubtedly one of the most popular mobile platforms around. Naturally, its popularity makes it a likely target for cybercrime. In our 12 Security Predictions for 2012, we are expecting that smartphones, tablets and particularly the Android OS will suffer more attacks this year.

Users need not worry as their mobile devices are protected from this threat with Trend Micro Mobile Security via pattern 1.187.00. Trend Micro Mobile Security is powered by the Trend Micro™ Smart Protection Network™.

On the other hand, to avoid being tricked into downloading fake apps, users may follow the tips we shared in our post, Checking the Legitimacy of Android Apps, as well as the information in our Mobile Threat Information Hub.

Post from: TrendLabs | Malware Blog - by Trend Micro

Fake Version of Temple Run Unearthed in the Android Market