These fake apps start as a seemingly normal app, with varying features and functionalities (e.g., for weather tracking or entertainment purposes), but we found that the fake apps can be controlled to appear innocuous. The fake apps we found do not meet the guidelines. Google Play, in addition, only permits gambling apps in certain countries and as long as they meet their requirements. A June update, for instance, states that HTML5 games distributed within apps may not provide access to real money gaming, lotteries, and others. Gambling or real money gaming apps are not prohibited on the App Store and Google Play however, they are heavily restricted. How the fake apps bypassed the app stores' review Figure 6 shows the screenshots of its Google Play listing, and the actual UI when users launch the app. These fake apps are deployed similarly on Google Play.
Screenshots of the app on Google Play and the translated description (top), and the actual UI when launched (below) The app, as downloaded, was entirely different from its description on the App Store.įigure 6. But this time, it exists in a mobile app. However, upon opening the app, we found a different content - looking similar to the webpage we previously mentioned. The app’s description on the App Store, as seen above, talks about global holiday info. According to its description on the iOS App Store, the app provides global holiday info (left), but the real UI is about a lottery (right)
#Google play store ios apk#
This APK has the same user interface (UI) of the gambling apps loaded via WebView.įigure 4.
#Google play store ios how to#
Fake App Store page (left) and instructions on how to install enterprise app on iPhone (right)įor Android users, the download button will redirect them to a page that hosts an Android application package (APK) file, with the package name “”. In other cases that we observed, some apps had pop-ups of a webpage that lure the user into installing an enterprise app that is not managed by the App Store.įigure 3. This means that these gambling apps passed the iOS App Store’s review. Notably, the download button on the site will redirect the user to the App Store. Original webpage (left) and its English translation (right) For instance, when visiting the website, the page below will be shown.įigure 2. The apps can be downloaded either through a gambling site or the aforementioned app stores. Screenshot of the applications, where a seemingly normal app (left) also has an entirely different look (right) Note: iOS apps (top), Android apps (below) How the apps are distributed: From webpage to app store Both have since removed the apps from App Store and Google Play.įigure 1. We’ve notified Apple and Google about our findings. Some were even rated more than 100,000 times. Some of the apps ranked in the Top 100 of the App Store and were possibly downloaded numerous times. While the apps’ descriptions varied, they share the same suspicious behavior: They could transform into gambling apps that may get banned for violating local government regulations and app store policies. We found hundreds of the fake apps on iOS App Store and Google Play, with descriptions that are inconsistent with their content. These fake apps masquerade as similar apps to trick unwitting users into downloading gambling apps. Recently, we also uncovered counterfeit applications hiding among legitimate offerings on app stores.
We have previously reported on fake Android voice apps on Google Play, which were observed to be impostor apps for voice messenger platforms. Google Play and iOS App store are no strangers to fake apps trying to trick users into downloading ad- or malware-ridden versions. Updated on Octoat 7:00 PM PST to amend an app description on App Store.
0 kommentar(er)
