Unsurprisingly, after the popular Flappy Bird game was officially removed from app stores, the game popped up online and spurred a variety of clones. But malware-injected unofficial copies of Flappy Bird have also been discovered, targeting Android devices, The Next Web reports.
Infected versions of Flappy Bird are not available directly from the Google Play Store; instead, users have to sideload them. Sophos discovered one such app that looks like the real thing on the surface but claims to be a trial version and requires users to send a text message to a premium-rate number. The app won’t let users quit until the SMS has been sent.
Trend Micro has discovered other fake apps that appeared in unofficial stores in Russia and Vietnam. These apps mimic the behavior of the real app but have hidden features, including stealthily connecting to a command-and-control server via Google Cloud Messaging for further instructions. The apps can then grab personal data from the phone, including the phone number, carrier and email addresses, among them the Gmail account registered on the device.
Other apps include an actual payment feature inside the app, asking the user to pay for the game. The original game was available free of charge, featuring in-app ads for monetization purposes.
It’s not unusual for cybercriminals to target popular mobile games and use them for malicious purposes, especially for a popular game that has been officially pulled by the developer. In an interview with Forbes, Flappy Bird’s creator said the game is not coming back, explaining it has been removed as it’s simply too addictive.
Users who have already downloaded the game on their mobile devices can still play it, and some devices with Flappy Bird installed are selling for thousands of dollars on eBay.