A hacker who leaked a lot of private photos turned out to be using Flappy Bird this time

ByDesiree Catani

One case where a large amount of nude images such as famous Hollywood actresses and singers leaked outHas caused a great ripple throughout the world, and in New ZealandDisorder arises in the net based on the image seenIt is as rare as it is occurring. A group of hackers who caused such a case,Flappy BirdIt was revealed that I tried a method to extract images illegally by adding a hand to it.

ICloud hackers planned Flappy Bird clone to steal photos from phones | Technology | theguardian.com
http://www.theguardian.com/technology/2014/sep/05/icloud-hackers-planned-flappy-bird-clone-to-steal-photos-from-phones

Flappy Bird is a game that suddenly got explosive popularity for half a year after release, and the author's Dong Nguyen is so popularDelete game temporarily as "I can not bear it any more"It is also known for what I was doing. Although Flappy Bird, which many copies are to be circulated, there are also people who work with wrongdoing by using their popularity, roaring games modified on Google Play to crack the app and extract images , It is obvious that you were trying to collect images illegally.

This is a problem that arises because users approve 'access to image folders' without much consciousness. It is a huge bulletin board abroad4chanIn the forum derived from, it seems that hacker groups that seemed to have carried out illegal extraction of images for about two years aggregated, exchanged a large amount of images and collected them repeatedly.

A person named Nik Cubrilovic who conducts a security related investigation has found a writing on a method of remodeling the Android version of Flappy Bird in this forum to allow access to image folders.

Plan for a photo stealing Flappy Bird clone. Remember this next time a game or app asks for picture permissionsPic.twitter.com/K138VL6yWw

- nik cubrilovic (@ nikcub)2014, September 4

In entries beginning with exporting "you, I am a genius spirit", it was written that Flappy Bird was modified to extract the image and succeeded in having the server send the images one after the other , This behavior is contrary to the Google developer's terms and it is necessary to create a separate account for that we do not want to take risks to cancel the account when it is found out, About 2,000 yen) of the contents to call for the provision of funds is being written. Also, it is written that those who provided funds will provide the extracted images.

Rick Ferguson, Vice President, Trend Micro, says, "Google Play is not" malware-free. "Google is taking anti-malware, but it will mainly be after the application is released.The author of the rogue application I will tell you that the account will be deleted, but the market for illegal apps is showing great success. "

In the case of Android OS, the behaviors that each application takes like "access to data folder" are designed to get its consent at the time of installation. On iOS you can change each setting even after installation, but Ferguson points out that Android has insufficient countermeasures, points out that this point will be improved to improve security, and reliable authors It is important to use the application from.


Also, Mr. Ferguson says, "The problem with this type of application is the high feasibility of the method and the situation that it is easy to use for" money making ", and because there are many people who are likely to be infected, interests of people and media We are collecting a lot. " It is another work of Mr. Dong Nguyen who is the creator of Flappy BirdSwing CopterThere are also numerous copies on the market, and over 60 different versions are already released on Google Play. Everything is not dangerous, but you better be careful when installing other games and other things.