Hackers Using Fake Flappy Bird To Send Premium Texts And Increase Bills

Hackers are using Flappy Birds, the mobile game, to get in to users' phones and increase phone bills by sending premium texts.

Following the sudden withdrawal of the extremely popular Flappy Bird game, a series of replica apps have flooded the app stores. Some offer genuine gameplay, but some apps manipulate the user's phone settings to impact phone bills. Global security provider, Trend Micro, found fake versions of the Flappy Bird app that seek user's permission to read and send text messages as a disclaimer before installing the app. By accepting the terms, which most users do not read, the app gains control to send messages from the user's phone.

Some apps require permission to read your messages and be able to make phone calls, but that depends on the type of the app. For a game such as Flappy Bird, an eight bit screen tapping game, it is not necessary to access the phone's core settings or control phone's call log and text messages.

"All of the fake versions we've seen so far are premium service abusers - apps that send messages to premium numbers, thus causing unwanted charges to victims' phone billing statements," the security firm explained in a blog post, Tuesday.

The app also takes advantage of the user's addiction to the game by connecting to a C&C server through Google Cloud Messaging to receive instructions while a user is playing the game.

"Our analysis of the malware revealed that through this routine, the malware sends text messages and hides the notifications of received text messages with certain content," Trend Micro added.

In addition to affecting a user's phone bills, the app might gain access to user's private information such as phone number, carrier and e-mail address registered in the device.

Tags
Hackers, Using, Fake, Flappy, Bird, Send, Premium, Texts, Increase, Bills
Real Time Analytics