Fake Samsung Update App Downloaded By Over 10 Million Android Users

Once again, a malicious app has taken the Google Play Store by storm and is tricking Android users. The app claims to provide users with Android updates for the users of any Samsung device. However, a researcher reveals that the fake Samsung update app is nothing but a fake!

Fake Samsung Update App Tricks Android Users

According to researcher Aleksejs Kuprins from the CSIS Security Group, a fake Samsung update app is preying on Android users. The app ‘Updates for Samsung – Android Update Versions’ presently has more than 10 million downloads, and is still active on the Google Play Store.

As revealed in a Medium blog post by the researcher, the app links back to a blog ‘Updato.com’. The blog appears to be a digital publication site that also powers the Android updating app. The app claims to offer ‘free’ and ‘paid’ subscriptions to the users for downloading firmware updates. As mentioned in its description on Play Store, users can download ‘any Android update, for any device or region, ever released!’ through this app.

While the app does provide firmware download with a free subscription, the researcher highlighted how it throttles speed to annoy users. This might be a move to convince the users for a paid subscription. As stated in his blog,

The download rate is limited to 56 KBps. Which means that a download of a typical firmware ROM of ~700 MB would take at least an infuriating wait of 4 hours.

Furthermore, according to what most app users mentioned in their reviews, free downloads usually fail after time-out. Customer reviews also reveal that the app, at times, fails to provide any firmware update altogether.

According to the researcher, the app, despite not being officially affiliated to Samsung or Google, demands around $34.99 from users to download updates. Then, instead of following the Play Store rules, the app asks payment details from the users over their own payment system.

The app simply asks for your credit card info and sends it to an API endpoint under updato[.]com over HTTPS.

Not A ‘Virus’ – But An ‘Adware’

Alongside its claims of providing firmware updates, the app also offers a SIM Card unlocking service for $19.99. Yet again, the payment method does not follow Google’s secure payment channel.

The users of this app need not to be alarmed as the app is not a virus by itself. However, the way it barrages users with ads, it seems more like adware. Or, it might also serve as a way of bringing traffic to the original blog.

The customer reviews of the app also show that it has not served them with any useful services. Thus, it is better for the users to stop using this app and go for the official update procedures.

Let us know your thoughts in the comments.

Related posts

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs

Sign1 Malware Targeted Over 2500 WordPress Sites In Recent Campaign

Unsaflok Flaws Allow Unlocking Saflok Door Locks With Forged Cards