BBM for Android? 100,000 users duped into downloading fake app

Do you want BBM (BlackBerry Messenger) on your Android phone?

Earlier this year, BlackBerry CEO Thorsten Heins announced that BBM will be going multi-platform sometime in 2013 and becoming available to iPhone and Android users.

Heins's troubled phone company is clearly banking on BBM, which is beloved by instant-messaging teenagers, being one of its stronger assets and that a strategy of opening up the service to more platforms will be better for the firm's future than forcing anyone who wants it to buy a BlackBerry smartphone.

BBM is coming to Android and iOS

So, you can imagine the excitement when Android users saw a new app in the Google Play store: "blackberry messenger bbm" from RIM.

Alarm bells should have rung immediately, as RIM is the BlackBerry company's former name. But that didn't stop over 100,000 people from downloading the app, which displayed a screen saying it wouldn't start working until June 27 and then asked the user to grant permission for the StartApp advertising network to install icons and bookmarks onto your Android phone.

BBMIn short, more than a hundred thousand people were duped into installing adware that will put money into the pockets of scammers who simply stumbled across the simple plan of pretending their app was the hotly-anticipated BBM for Android.

Malware is a far far far bigger problem on the Android platform (I could have put a few more "far"s in there) than on iPhone, and part of the reason of that is the tight control Apple exerts over what iOS apps are allowed to grace its App Store.

The hipsters who run the Google Play marketplace, on the other hand, are a lot more free-and-easy about things than their Cupertino counterparts. Yes, they do try to weed out unsavoury Android apps, but it's nothing like the iron fist that Apple applies.

The rights and wrongs of the differing approaches are a topic for another day, but one thing is clear: Apple has almost completely avoided malware affecting millions of iPhone and iPad users, but the Android platform has become strongly associated with money-making malicious apps.

Most Android users assume that if an app is in the official Google Play store, it must be safe to install on their phone. The truth, sadly, is rather different.

Take care over what apps you install, read the app's reviews and check that you are familiar with the developer. Ultimately, you get to decide what apps get to run on your Android phone.

Tags: , , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , , ,

No comments yet.

Leave a Reply