Hackers, who last week compromised Apple’s iCloud and leaked sexually explicit images of celebrities were also planning to clone Flappy Bird to steal images from Android powered devices.
Reports claim hackers mainly tried to exploit users’ negligence concerning the permissions sought by Android over accessing photos stored on the phone and move them to remote location before it is detected.
The hacking ring reportedly stole and is seeking to trade nude and personal photos of over 100 female celebrities collected over two and a half years. Security researchers claimed that the hackers had accumulated them on the ‘stolen’ forum on image board AnonIB.
security researcher Nik Cubrilovic noted that the developer of fake Flappy Bird app exploited users’ ‘carelessness’ about granting the permissions to Android apps to move pictures.
The developer noted: "I am a f**king genious… Hear me out. I.. modded… the app.
"It now secretly downloads all of the phones pictures to my server when the game is running."
"The problem is this – it’s a violation of google play developers license to do publish sneaky apps like that, and I REFUSE to risk my license over it."
"Note: this app will only work for android."
Trend Micro security research vice president Rik Ferguson said: "We frequently see manifestations of malware on Google Play Store and it’s certainly not malware-free.
"Google do actively police Google Play but it tends to be post-release. So he’s saying that if he puts it on his account, it’s going to be found out and he’s going to be suspended.
"There’s a thriving underground market in verified Google developer accounts for exactly that purpose."
