Android owners with Minecraft under attack from dodgy apps

If you’re a Minecraft gamer or know someone that is, and there’s an Android phone being used somewhere in that home, look out, because your mobile might be a world filled with malware and scareware, not just blocks and diamonds.

Security group ESET has this week confirmed that Google’s app marketplace is a bit of a hotbed for fake applications designed to lure in Minecraft gamers to show “cheats” for the title, with each apps possibly installed hundreds of thousands of times on Android devices worldwide.

The apps aren’t truly dangerous, at least not yet, acting as what ESET calls “scareware” and showing banners and ads aimed at convincing the everyday user that their phone or tablet is infected with a virus, with a click on these banners leading you to premium SMS subscriptions that cost a good $10 per week that do nothing to help you, since your phone isn’t technically infected with a virus.

Interestingly, while the apps with this scareware in them generally have negative feedback on Google Play — over 30 of the apps, if you can believe it — people are still downloading them.

“The seriousness of this threat lies in the fact that it may have been downloaded by almost three million users from the official Google Play store,” said Lukas Stefanko, a Malware Researcher at ESET.

ESET sends word that while Google does have a security scanner for apps uploaded to its platforms, the scanning system “Bouncer” isn’t perfect, and while it does work at reducing the amount of malware found on the store, it’s not going to get them all, especially apps relying on social engineering through banner advertising as a means of tricking customers.

That being said, Google is apparently adopting new ways of checking apps that aren’t solely reliant on automatic checking, as another ESET Researcher points out.

“While there are more people creating malware and finding news way to publish it, Google’s new policy of having humans review each app should keep these off the Google Play store,” said Sieng Chye Oh, one of ESET’s Security Researchers.

That’s certainly good news, but the bad news comes with it, and that’s you can’t expect scam attempts like this — even scareware — to go away any time soon.

“As long as Android has 78 percent of the market share, scammers will continue to focus on this market,” said Oh, telling GadgetGuy that the key to staying ahead of scammers would be education.

“Knowing how they operate and how to keep yourself protected, especially against scareware and social engineering is the best way to make sure users stay safe. Users should continue to exercise caution and review any software before downloading and installing it.”

With Minecraft as popular as it is with the little ones, it might be worth checking your phone or tablet for apps of these apps to see whether they’ve been installed.

If they have, get rid of them, and make sure some form of mobile security is installed, as well as talk about what apps are being installed to a phone, because this isn’t going away, and being informed appears to be the only way to make sure you’re not scammed out of money.