Browse archive

Latest news

The CSO perspective on healthcare security and compliance

Large cyber espionage emanating from India

Barracuda updates web application firewall

Targeted data stealing attacks using fake attachments

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

A look into the EC Council hack

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Beware of fake Candy Crush apps on Google Play

Posted on 19.03.2013

Whenever a mobile game becomes hugely popular, it also becomes a great way for scammers and malware peddlers to lure users into unknowingly installing malicious apps on their devices.

The latest of these games is Candy Crush, a puzzle game available through the Apple Store, the Google Play Store, and Facebook for free.

According to Trend Micro researchers, there are number of fake Candy Crush apps being offered on the aforementioned online marketplaces, and their contain code either for the Leadbolt or the Airpush ad network.

"While not inherently malicious, adware can be abused by cybercriminals for their own gains. Adware not only uses aggressive advertising tactics such as persistent notifications, but also collects information about the user," they pointed out.

As always, users are advised to be careful when downloading new apps by checking the contents of the app page such as the name of the developer, user comments, the app description, and gauging its legitimacy. In addition to all this, once an app is downloaded and run, it's always best to pass on the ones that ask permissions that can be misused to steal money or crucial information.