Malicious fake apps abound but there is no stopping Google and other developers from hunting them down. Symantec is one of the biggest names doing the challenging work of discovering those fake apps. We reported its efforts last October and the group has continued to do so. The recent discovery includes an Android.Fakeapp variant that gets user information. What this fake app does is use the deep links of Uber to hide.
This particular malware asks users to enter credit card details for possible monetization. If you’re not careful, you may be victimized and enter information you shouldn’t be giving away. Symantec noticed this problem while analyzing variants of the malware.
Uber app users are the main targets. This may have already victimized millions of users around the world. The Uber UI has been duplicated and pops up as a regular screen prompting users to enter Uber ID and password. This malware sends a user’s information to a remote server once the Next button is clicked. The user won’t notice that it’s fake because the malware displays the original app showing one’s location. The user will think nothing is wrong at all.
The creators of this fake app took advantage of deep links so users won’t be suspicious. Symantec warns the public of this problem and recommends everyone to keep software up-to-date, not to download apps from unfamiliar sources, look at permissions carefully, install a suitable mobile security app, and backup important data regularly.