One of the advantages of Android is that it allows you to play almost all games. Whether they are simple games for kids or graphics-intensive multi-player games, you can play them on your Android device as long as your phone meets the hardware requirements.
There are more that two billion smartphones running Android all over the world, making it one of the most popular operating systems today.
However, security experts have recently issued an Android warning: Google smartphone fans are alerted about dozens of fake apps. According to these experts, there are lots of fake apps that Android users should stay away from, such as fake Fortnite apps.
These fake apps can be downloaded from several popular APK download sites and are riddled with viruses and malware. And recently, there have been several reports of high profile security attacks that are affecting millions of Android devices.
Judy Malware
On of the largest and most high-profile attacks on Android happened last year in the form of malware codenamed Judy. Devices that have been infected with Judy may run into overloading, which can cause the phone to physically burst open.
According to Kaspersky Lab, the malware is a jack-of-all-trades because it can carry out multiple actions at the same time, which is why the phone gets physically warped after being infected. Judy can overwhelm your device with adverts, use your phone’s computing power to mine cryptocurrencies and monitor the device’s activities.
The malware was spread by downloading 41 malicious apps from the Google Play Store, and an estimated 36.5 million devices have been reported to be infected. The fake apps have been long removed from Google Play Store. The malware was named based on the character ‘Judy the chef’, which often appears on the ads.
New Threats
Following the Judy malware that affected millions of Android users last year, security experts are sending out another Android warning against the threat brought by fake apps once again. These apps are generally hosted on APK and free app download sites. The research discovered more than 30 malicious Android apps, carrying risks such as: malware, adware, scams, and privacy issues.
Some of the apps compromise the security and privacy of the device owner by spying on them, accessing and tracking their locations and using the camera secretly. Infected devices are also at risk of a data breach because the fake apps will have access to the device owner’s contact list.
These 30 malicious apps all have one thing in common – they are all fake Fortnite apps.
Fortnite is one of the most popular online games right now, and it is available on a wide range of platforms. The game developed by Epic was not released on Google Play Store. Instead, users can sign up on the developer’s website, and they will send an email invite to download the Fortnite Android Beta game.
Security experts warned earlier that this method of release would open up a lot of opportunities for malicious people to target users who have signed up for the game. The fake Fortnite apps included in the study revealed that these apps can be used to track locations, read contacts, use the camera, and even make phone calls. These permissions are not included in the official Fortnite game.
The fake Fortnite apps discovered by Top10VPN are hosted in Amazon, APK Here, Apptoide, Mobango, Anonfile, Getjar, Android APKs Free, APK Pure, APK MODY, AppMirror, Rawapk, and Uptodown.
How To Spot Fake Apps
The popularity of online games such as Fortnite has made it easier for malicious people to take advantage of users clamoring to download the game. In the case of Fortnite, it is even more difficult to contain the issue because the official game was not launched using a secure platform like Google Play Store.
It is very tricky figuring out whether the app you’re downloading is fake or not. But some fake apps have tell-tale signs that should raise a red flag. Here are some clues that might indicate that you’re installing a malicious app:
- Inappropriate permissions. If the app is asking for the permission to access apps and data that you think is not necessary for the app to run, then you should think twice about installing it. For example, does the app really need access to your contacts, messages or billing information for it to work?
- Unprofessional email address. A legitimate developer will usually have a legitimate website and a legitimate email address. So if you got an email from jane@gmail.com or john@yahoo.com with a link to the download site of the app, be cautious. Verify with the developer if it really is from them. You can check if the app has a website, and if you see that they have a domain, then they must probably have an email associated with it.
- Poor app description. The number of downloads and reviews is not enough proof that the app is legitimate. Reviews can be forged, as well as the number of downloads reflected on the site. Malicious app developers usually use these factors to fool users into downloading their app. If you want to know if an app is legitimate, look at the app description. The devil is in the details, they say. Bad grammar, poor sentence construction, and other errors could indicate that either the developer is not familiar with the English language or that the app description was generated randomly. If you’re a legitimate developer, you will take extra time and attention to write something good about your work. If you can’t understand the description, then better not download it at all.
How to Protect Your Device From Fake Apps
Scammers are always trying to trick Android users into downloading fake and malicious apps. Last year, a Redditor named DexterGenius flagged a fake version of the messaging app WhatsApp, which he downloaded from the Google Play Store. The imitation named Update WhatsApps Messenger was so convincing because it looked exactly the same as the official WhatsApp installer – except for the name of the developer.
The Reddit user decomposed the fake app and found out that it was a disguised ad-loaded wrapper which included a code that downloads another APK. Fortunately, the fake WhatsApp was discovered immediately and was removed from Google Play Store as soon as it was reported.
- Staying vigilant is the number one method of protecting your device against these threats. If you see a red flag, delete the app immediately, scan your device for anything suspicious, or reset your device if there’s no hope of deleting the app.
- Download only from legitimate sites. If an app is available on Google Play Store, then it is best to download it from there. If not, check the developer’s website. Don’t download apps from suspicious websites like those with appxyz-abc.ua as the web address.
- Install an antivirus. Protect your device by regularly scanning it using an antivirus app. There are many options in the Google Play Storeut it is recommended to invest in a reliable antivirus software, even if you have to pay a small price for it.
- Delete junk files. You think your junk files may be worthless, but you’re wrong. There’s a lot of information malicious hackers can obtain from your trash. Plus, these trash files can cause performance issues for your device. You can use an app such as Outbyte Android Care to get rid of temporary files, log files, web cache, and all other junk on your phone.
Conclusion:
With many fake apps proliferating the Internet, it is important to be cautious whenever downloading any installer. Always do your research and be vigilant. Scammers are getting smarter, so Android users must be one step ahead of them. We hope that these tips will help you easily spot fake apps and protect your device against online threats.