Fake antivirus programs are increasingly appearing in mobile app stores. Kaspersky Lab recently found two such programs imitating the company’s products in two different official app stores for mobile devices.
The first fake app was discovered in Windows Phone Store. This in itself was unusual because scammers tend to target users of Android via Google Play due to the platform’s popularity. The app in question went by the name of Kaspersky Mobile. The fact there is no such program in Kaspersky Lab’s product line suggests the fraudsters didn’t expect anyone to notice the discrepancy. Another interesting feature of this particular app was the fact users had to pay for it. This meant its creators immediately started making money without having to devise additional scams such as demanding payments to remove “malware” that had supposedly been detected on users’ computers.
The second fake app imitating the Kaspersky Lab brand was for sale on Google Play and was called Kaspersky Anti-Virus 2014. Again, there is no Kaspersky Lab product for mobile devices by that name. The screenshot used on the page of the fake app was simply copied from the official Kaspersky Internet Security for Android page. Unlike the app for sale in Windows Phone Store, the creators of this fake app didn’t even bother to add a simulation of a scanner – the functionality was limited to random series of statements appearing on top of an “official” logo.
“The story of paid fake anti-virus for mobiles started with the appearance of Virus Shield in the Google Play store. Now we are seeing how one successful scam spawns numerous clones. Scammers who want to make a quick buck from inattentive users are selling dozens of fake apps, copying the design, but not the functionality of the original,” commented Roman Unuchek, Senior Malware Analyst at Kaspersky Lab. “It is quite possible that more and more of these fake apps will start appearing. One thing is for sure, the security mechanisms put in place by the official stores cannot cope with these kinds of scams.”
The scammers however seem to show a bit more knowledge about software developers and their name-dropping wasn’t limited to Kaspersky Lab. The fake AV creators uploaded numerous other types of paid apps to Windows Phone Store that used the names and logos of several popular programs.
They include Google Chrome for 99 rubles (approx. $2.80), and Google Chrome Pro, which for some reason cost just 59 rubles. There are some “antivirus” applications from unknown developers, but upon closer inspection the only difference between them and Kaspersky Mobile turned out to be the logo and the colors used in the interface.