It turns out that more than 10 million people are stuck in the fraudulent app 'Updates For Samsung' that pretends to be Samsung



The

CSIS , a cybersecurity company, warns that the Android app named ' Updates For Samsung ' is actually a ' scam app ' that is not even Samsung official. The number of download users for this app has exceeded 10 million at the time of article creation.

“Updates for Samsung” — from a blog to an Android advertisement revenue goldmine of 10,000,000 + ...
https://medium.com/csis-techblog/updates-for-samsung-from-a-blog-to-an-android-advertisement-revenue-goldmine-of-10-000-000-166585e34ad0

Fake Samsung firmware update app tricks more than 10 million Android users | ZDNet
https://www.zdnet.com/article/fake-samsung-firmware-update-app-tricks-more-than-10-million-android-users/

The app in question 'Updates for Samsung-Android Update Versions' is available for download by anyone on Google Play. The icon uses the Android mascot character 'Droid' (officially called Bugdroid), which looks like the official Android app.



The number of installations exceeds 10 million, and the rating of the review is the star 5 most.



However, according to cybersecurity company CSIS, this application impersonates Samsung's smartphone update update application, but it has nothing to do with Samsung. If you download the firmware from this app, the free plan seems to limit the download speed to 56kb / s.



Downloading firmware of about 700MB at this speed can take over 3 hours. Furthermore, the download feature of this app's free plan is that in most cases the download is supposed to fail. You need to subscribe to a paid plan of $ 34.99 a year (approximately 3800 yen) to ensure the download of the firmware.



Paid plan subscriptions do not go through the Google Play payment system that Google guarantees, but pay on their own system. This unique system sends credit card information to the developer over HTTPS.



However, the problem is that official firmware can be downloaded and installed for free from Google's guaranteed version by opening 'System' from the setting screen and tapping 'System Update' in 'Advanced'. There is no need to take advantage of the 'Updates for Samsung'.



The application also has the ability to unlock the

SIM when it pays $ 19.99 (approximately 2200 yen), but according to CSIS it is said that 'it will not work or not.'



To use 'Updates for Samsung' 's SIM unlocking function, you need to enter

IMEI (Device Identification Number), contracting company of SIM card, email address etc.



CSIS has issued a warning about this app: 'It's a 'scam app' that is raising money in the guise of Samsung's official updates.' The app doesn't have malware capabilities, but while it's running, tapping the screen will cause ads to appear full screen.



CSIS points out that the number of downloads for this app has exceeded 10 million, 'It comes out when you search for' update 'on Google Play'.



CSIS has accused the vendor of 'bundling a lot of software in the Android OS, causing confusion for users' and calling on Google to remove this app from Google Play.

in Mobile,   Software,   Security, Posted by darkhorse_log