Go to listing page

Fake Android app serves bogus ‘Samsung firmware updates’ and troubles 10 million users with unwanted ads

Fake Android app serves bogus ‘Samsung firmware updates’ and troubles 10 million users with unwanted ads
  • When installed, the app “Updates for Samsung - Android Update Versions” would present users with a website filled with ads.
  • The app also has a separate section that offers both ‘free’ and ‘paid’ firmware updates.

An Android app claiming to provide firmware updates for Samsung users has been unearthed by a security researcher. Known as “Updates for Samsung - Android Update Versions”, the app presents users with an ad-filled website after the installation. The app was discovered by security researcher Aleksejs Kuprins of CSIS Security Group. It has over 10 million installations on the Google Play Store.

The big picture

  • A ‘Download Firmware’ section in the app offers users paid subscriptions for firmware updates. It also offers firmware updates for free.
  • The free updates have a download speed of 56 KBps. However, the download would fail and prompt users to opt for an annual paid subscription for $34.99.
  • The app uses its own payment method instead of the official Google Play subscriptions. Hence, it would ask users to enter their credit card information.
  • Researchers noted that once users enter their credit card information, it is passed to an API endpoint under updato[.]com, the ad-filled website shown by the app.
  • Furthermore, the app also boasts of providing SIM card unlocking services at $19.99.

No malware-related activity

Kuprins believes that the app did not distribute any malware to users who installed it. “I haven't found the app to perform anything malicious on the device. However, when the app is open - it does display a lot of full-screen advertisements, almost after every other tap on the screen,” he told ZDNet.

As of now, the “Updates for Samsung - Android Update Versions” is still available in Google Play Store. Users are advised to refrain from installing such apps that promise ‘firmware updates’.

Cyware Publisher