ESET Researchers Discover Fake Prisma Apps on Google Play

Next story
Untitled Document

ESET®, a global pioneer in proactive protection for more than two decades, today announced the discovery of fake versions of the popular photo transformation app, Prisma on the Google Play Store. The fake apps were discovered prior to the release of the Android version and included several dangerous Trojan Downloaders. Before being removed at ESET’s notice, Prisma copycats reached over 1.5 million downloads.

“Most of the fake Prisma apps found on Google Play didn’t have any photo editing functionality; instead they only displayed ads, warnings, or fake surveys, luring the user into providing personal information or subscribing to bogus and costly SMS services,” said Lukáš Štefanko, ESET Malware Researcher. “ESET Mobile Security detected these apps as Android/FakeApp and protects users from them.”

Prisma is a unique photo editor created by Prisma Labs, Inc. After having achieved excellent ratings among users on iTunes where it was first released, Android users were eager for it. However, before the official release date, fake version appeared on the Google Play Store, riding the wave of user’s impatience.

The most dangerous Prisma apps found on Google Play were Trojan Downloaders detected by ESET as Android/TrojanDownloader.Agent.GY. These apps sent device information to the C&C server, and on request, download additional modules and execute them.

As a results of its download capabilities, theAndroid/TrojanDownloader.Agent.GY family of malware poses a serious risk to more than 10,000 Android users who installed these dangerous apps before being pulled from the Google Play Store.

“It was clear that the Prisma app would be eagerly awaited by the Android folks, given its popularity on the iOS platform. Such situations often attract bad guys who put out fake apps – either copycats or various derivatives, from tutorials to cheats – on Google Play to ride the wave of excitement,” said Štefanko.

 

Recommendations by ESET experts

Follow the most basic rules for ‘Android application hygiene’, this includes:

  • Only download from reputable sources.
  • Check user reviews and focus on negative comments. Keep in mind that positive ones may be fabricated.
  • Read the App’s terms and conditions, with an emphasis on its permissions.
  • Use a quality mobile security solution.

When there is hype around your desired app, one should also consider the following:

  • Be more careful than usual as you are likely to discover copycats along with the original app
  • Thoroughly check the App name and developer’s names – they must fit exactly, not only resemble what you’d expect

 

About ESET:
Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.

Contacts:
ESET
Heather Craft
(415) 293-2808
esetpr@mslgroup.com