Fake Samsung app with 10 million downloads charges for free firmware

Brittany A. Roston - Jul 5, 2019, 7:28 pm CDT

A huge number of Android users have been tricked into downloading a fake Samsung firmware update app that claims it will update a phone’s software, but in reality redirects users to an ad-filled website and predatory subscription plan. The app is still live on the Google Play Store as of July 5 at 8PM ET, though it will no doubt get removed in the near future.

Despite a huge number of 1-star reviews, the app ‘Updates for Samsung’ presently has an average rating of more than 4 stars and at first glance appears to be a legitimate update app. The predatory app was detailed in a blog post by CSIS Security Group, which found that it is distributing Samsung firmware on ad-filled web pages.

In addition to presenting users with a mass of advertisements, the app is charging users to download these device firmware updates, which are freely available through official channels. The app requires users to provide their credit card info rather than using Google Play subscriptions.

‘Updates for Samsung’ users are given a free download option through the predatory app, but it was found to be limited to a very slow download speed that resulted in multiple hours of wait time for a single update. Victims of the app have reported that their downloads often failed, forcing them to start over again or to pay the fee out of frustration.

The app also reportedly directs users to a service that claims to unlock phone SIMs for a $19.99 USD fee. Some users have left reviews on the Google Play Store listing claiming the app caused their phone to become unstable, resulting in random rebooting, dropped calls, overheating, and other issues.

Due to the very high average rating despite the large number of 1-star reviews, it’s likely that the individuals behind this app have used fake reviews to add a sense of legitimacy to their predatory product. It’s unclear how many of the more than 10 million installs listed on the app’s page are authentic, but the number is likely very high.

