Recently we released a blog talking about the difficulties of keeping app stores free of malicious applications. Today our automated system flagged yet another example of a misleading application that was posted on the Google Play store.
The application, named Next Launcher 3D Pro, purports to be a free version of the legitimate app Next Launcher 3D, which can also be found on the Google Play store. On investigation, an immediate tell-tale sign of something not being right about this app can be seen. The publisher of the legitimate version, Go Launcher Dev Team, is different than the publisher of the supposed free version, TuranPercin. On installing the fake version of the app, the user is presented with a screen asking them to view some offers before receiving the app for free.
Figure 1. Installation image
Only after these steps are performed, will the malicious application proceed to download and prompt to install the paid-version of Next Launcher 3D, which won’t work since it is protected by Google Application Licensing services.
Figure 2. Message shown by the original Next Launcher 3D application
Symantec has identified a further 752 apps that use this technique to trick users into installing fake versions of legitimate apps. Only one of these apps has been identified on the Google Play store and we have notified Google of the presence of the application.
We recommend installing a security app, such as Norton Mobile Security, which detects the application already as Android.Fakeapp.
For general safety tips for smartphones and tablets, please visit our Mobile Security website.