Over 10 million users became victims to a fraudulent app for Samsung firmware updates

CSIS Security Group found fraudulent Updates for Samsung application on the Google Play Store that promises users to update the firmware for their devices, but actually redirects them to the advertising-filled site, and also requires paying for downloading free firmware.

Currently, the application has not yet been removed from the official directory, although researchers have already contacted Google engineers and reported violations.

Updates for Samsung cannot be called Malware in the true sense of the word, because it does not perform any malicious actions on behalf of the user or without his consent. However, application successfully parasitizes on numerous difficulties, which are associated with obtaining firmware and OS updates for users.

“It would be wrong to condemn people for having mistakenly went to the official app store, while wanting to update the firmware after buying a new Android device. Manufacturers often include an avalanche of software in their Android devices, and all this can be misleading. The user may feel lost due to the [system] update procedure. This means that he may make a mistake and go to the official application catalog in search of updates” write experts.

In fact, Updates for Samsung offers an easy way to solve the “update problem”, being a centralized repository from which Samsung devices can download firmware and updates.

However, you need to understand that the application has nothing to do with Samsung, and only loads the updato [.] Com domain through WebView. This site is not only replete with ads, but also offers both free and paid (legitimate and working) Samsung firmware updates.

At the same time, tresearchers found that site limits the speed of free downloads to 56 Kbps, and some free downloads ultimately end up with a deliberate timeout. Thus, the application pushes users to purchase a premium package worth $ 34.99, which makes it possible to download any files without restrictions.

In addition, the application offers a strange SIM unlocking service for $ 19.99, and it’s not at all clear whether this functionality works or it is just another scam trick.

Experts write that the application violates rules of the Google Play Store, because instead of payment system provided by the official store, it uses its own, which means that users’ payment data are at risk.

Also, when the application is running, it displays many full-screen advertisements, opening one after the other, almost every time while tapping the screen.

Exit mobile version