Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

Cloned Minecraft for Android Doing the Rounds

The underground Android application market is booming. More and more pirated games are available for direct download on the net. One such game, the cloned Minecraft PE, is causing extensive damage all across the globe. Users of the Trojanized version are advised to uninstall the game immediately.

The temptation is irresistible for any hardcore gamer. When costly games are available at a discount or even for free, downloading via the black-market becomes a no-brainer for many. But what is often forgotten is that mobile security is seriously compromised.

The aforementioned Trojanized version of Minecraft PE, which is still available in various Russian pirate app stores, is a huge security risk. Available for 2.50 Euros, this cloned version infiltrates the system and exploits the victims’ cell phones.

Minecraft Pocket Edition (PE) is basically the mobile version of the classic Minecraft game. Released in late 2011, the game has become a huge fan favorite on the Android platform. It currently costs $ 6.99 on the official Google Play Store and boasts a download count of over a million. But this also means more clones and rip-offs are on the black markets.

As mentioned above, the underground community is lured into buying the pirate game with the attractive price tag, which is less than half of what is demanded on the official Play Store. The unfortunate buyers do get to play the real game and enjoy the experience, but what they don’t know is that their devices get contaminated with vicious malware.

Besides the instant pay they receive, the malware owners also get access to the exploited phones. An extra permission, android.permission.SEND_SMS, is squeezed into the installation process. This allows the hackers to send out text messages from the hacked phones and sign up for costly services and subscriptions without the victim’s knowledge.

The security steps to be taken are obvious and known to many, but often overlooked. Make sure you use only authorized applications from the Play Store and be aware of the permissions asked during the installation process. Android’s open-platform characteristics are not security friendly and users must always be careful with the apps they install.

Source – Mobile Threat

Jump to Category