Android users warned about fake Minecraft app

Graham Cluley
Graham Cluley
@[email protected]

Minecraft Pocket EditionA bogus version of “Minecraft – Pocket Edition” (also known as Minecraft PE) has been discovered by security researchers that generates income for online criminals by sending SMS messages to premium rate services.

As PC Magazine describes, the trojanised app was discovered by F-Secure researchers on several third-party Android app stores, based in Russia.

Fake Android apps which pretend to be a genuinely popular program but are in fact laced with malicious code are nothing new of course. In the past there have been plenty of examples, including fake Android versions of “Plants vs Zombies”, “Instagram” and “Angry Birds”.

What makes this one different is that the criminals charge users to download their app! Albeit by asking charging 2.50 Euros for their trojan version of the Minecraft PE app, they are at least undercutting the genuine article which is available for slightly more than double that price.

Sign up to our free newsletter.
Security news, advice, and tips.

The audacity of criminals charging for an app that then rips its victims off leaves you breathless sometimes.

Normally such bogus apps are offered as a free download, hoping to tempt parsimonious Android users into making an unwise download.

The app has had code added to it to send SMS messages. Image source: F-Secure
The app has had code to send SMS messages added to it. Image source: F-Secure

Before you know it, you may find yourself signed up to an expensive premium rate service that you never wanted – and the fraudsters are earning a healthy commission.

The good news is that the malicious version of the Minecraft PE app does not appear to have shown up in the official Google Play store, severely limiting its chances of tricking most Android users.

Of course, the official Android store run by Google is hardly the safest place in the universe itself – having frequently been found to have allowed bogus apps onto its shelves because of less-stringent checking than that, say, deployed by Apple’s iOS App Store.

Always take care over the apps that you install on your Android smartphone, being sure to check out reviews and ratings to confirm that you are likely to be downloading an official version of your favourite app, rather than a knock-off version which might hurt you in the pocket.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.