A new malspam campaign offers fake ‘Apex Legends’ mobile app for download

• Researchers noted that fake Apex Legends application for Android is being offered in multiple YouTube channels in the form of an APK download link.
• The fake mobile version download link has been clicked approximately 100,000 times over the past 5 days.

Researchers spotted a new malspam campaign targeting Apex Legends players with fake mobile app version for download.

Apex Legends is a free-to-play battle royale game developed by Respawn Entertainment and published by Electronic Arts. The battle royale game was released on February 4, 2019, and is available for Microsoft Windows, PlayStation 4, and Xbox One. The game has reached over 25 million players since its release.

Why it matters - A security researcher from ESET, Lucas Stefanko noted that fake Apex Legends application for Android is being offered in multiple YouTube channels in the form of an APK download link.

“Remember #Fortnite Android malware? Now, fake @PlayApex app spreads via YouTube video with a link to actual APK that needs to be manually installed. Video has over 600K views and 100K clicks on APK link in 5 days. APK is not available now, but this can be easily changed by admin,” Stefanko tweeted.

Worth noting - Lookout cybersecurity company’s Twitter account Phishing AI spotted 39 domains running apex coin scams, and several other domains running fake aimbots, and other game cheats. One of the domains tracked by Phishing AI also pushed malicious flash updates.

What to watch out for - BleepingComputer also observed one of the scams which have been promoted through multiple YouTube channels and videos. It is to be noted that some of the videos have more than 250K views.

“These scams redirect viewers to the almobile.pw or getapex.mobi domains which ask users what mobile version of Apex Legends they need, redirecting the users straight to a set of offers hosted that will show them a video of Apex Legends gameplay when successfully completed,” BleepingComputer noted.

If the users opt for Android version, the domains hosting the scam will start an APK download and will finally show them a gameplay video after the offers are successfully completed.

While no malware is involved in the scam, the scammers aim to trick ‘Apex Legends’ players to complete two of the offers by marking them as ‘Human Verification’ and promising that ‘Unlocking will allow access to download APEX LEGENDS Mobile’, thereby earning commissions.