Fake FaceApp spreading bug to Android devices

July 22, 2019 - 9:10 PM
Samsung Galaxy S9 2018
A hostess shows Samsung's new S9 (R) and S9 Plus devices after a presentation ceremony at the Mobile World Congress in Barcelona, Spain Feb. 25, 2018. (Reuters/Sergio Perez)

A prominent security company warned that an application posing as FaceApp is spreading an adware module to victims’ devices.

Kaspersky Labs found the adware module called MobiDash have affected around 500 unique users already with the first one detected last July 7. Moreover, at least 800 module modifications were also identified.

Adware is basically a type of software virus that automatically downloads and displays unwanted advertisements to the device every time the user is online.

While Kaspersky did not indicate specific fake apps, it advised users to avoid downloading from unofficial sources or developers from now on.

“We urge users not to download applications from unofficial sources and to install security solutions on their devices to avoid any damage,” said Kaspersky researcher Igor Golovin.

“The people behind MobiDash often hide their adware module under the guise of popular applications and services. This means that the activities of the fake version of FaceApp could intensify, especially if we are talking about hundreds of targets in just a few days,” Golovin added.

Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, noted that such adware is concerning but not surprising.

According to an old study, the majority of consumers (63%) don’t read license agreements when downloading apps. Only 43% of mobile users carefully put check marks on privacy permissions.

“Basically, there is no harm in joining online challenges or installing new apps. The danger lies when users just grant these apps limitless permissions into their contacts, photos, private messages, and more,” Yeo said.

“Doing so allows the app makers possible, and even legal, access to what should remain confidential data. When this sensitive data is hacked or misused, a viral app can turn a source into a loophole which hackers can exploit to spread malicious viruses,” he added.

This was one of the main concerns of some security experts about FaceApp, a photo editing app that has recently been in demand due to its ability to make realistic face transformations in photos.

RELATED: Besides predicting your aged face, FaceApp may be doing something creepier

It turns out that FaceApp’s parent company Wireless Labs downloads the photos users select to apply filters on and stores them in servers somewhere.

Loopholes are also found in the vague provisions of FaceApp’s terms of service.

What is MobiDash and how to avoid it?

MobiDash is often found in Android mobile apps from questionable developers. It makes the app appear as if it failed and then when the user deletes it, the malicious module will remain on the device and start the infection.

It once became prevalent in 2015 and still continues to develop variants since then.

Kaspersky listed basic security tips to keep your device from this adware.

  1. Only download apps from trusted sources. Read the reviews and ratings of the apps as well.
  2. Select apps you wish to install on your devices wisely.
  3. Read the license agreement carefully.
  4. Pay attention to the list of permissions your apps are requesting.
  5. Avoid simply clicking “next” during app installation.
  6. For an additional security layer, be sure to have a security solution installed on your devices.