View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Networks
May 22, 2015

Up to 3m hit by Minecraft scam on Google Play store

Gamers wanted cheats, but got scareware instead.


Almost 3 million people may have installed malware onto their phones by downloading apps from Google Play ostensibly related to the video game Minecraft.

More than 30 such scareware apps had allegedly been smuggled past the app scanner Bouncer, which is used by Google to stop malicious apps being placed onto Play, an app store that anyone can contribute to.

Lukas Stefanko, malware researcher at the security vendor ESET which found the problem, said: "Most of the rogue applications pretended to be cheats for the popular Minecraft game.

"All of the discovered apps were fake, in that they did not contain any of the promised functionality and only displayed banners that tried to trick users into believing that their Android system is infected with a ‘dangerous virus’."

Despite being labelled differently all of the apps behaved in a similar way once they were installed on a victim’s phone, telling users that to remove the virus they needed to activate a premium text subscription costing €4.8 a week.

Together the apps were downloaded between 600,000 to 2.8 million times, according to public data from the Google Play store, with the first phoney app being uploaded in August last year.

Whilst the apps were uploaded using various developer accounts, ESET believes that they were the work of one individual.

Content from our partners
Why all businesses must democratise data analytics
Unlocking the value of artificial intelligence and machine learning
Behind the priorities of tech and cybersecurity leaders

"The damage that this recent Android malware discovery can inflict is perhaps less acute when compared to the file-encrypting Android Simplocker but the seriousness of this threat lies in the fact that it may have been downloaded by almost three million users from the official Google Play store," Stefanko said, comparing the scheme to a type of mobile ransomware.

He did however add that Google’s plans to have each app reviews by a human would likely bring down the number of malicious apps that were making it onto the store.

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy