If you or your kids are fans of Minecraft then take care before installing apps that modify the immensely popular game.
Security researchers at Kaspersky say that they have discovered over 20 fake ‘modpack’ apps that are actually designed to bombard users with adverts in such an intrusive and aggressive fashion that using the phone becomes virtually impossible.
According to the team at Kaspersky, users find that no actual mods are loaded after installing the bogus Minecraft modpacks. Indeed, to the user it appears that the app does nothing at all.
And that’s why a user might forget that they ever installed the fake modpack, especially as it hides its icon.
But the bogus app is still there and, according to researchers, automatically opens a browser window containing ads every two minutes.
In addition, a command & control server can send instructions to the app telling it to open Google Play, Facebook, or play YouTube videos.
Perhaps the most annoying thing about the fake Minecraft mods is that their victims have a very hard time figuring out why their browser (or Google Play, or Facebook, or YouTube) keeps opening. They are likely to conclude that the problem lies in the browser (or whichever app the fake modpack loads). However, uninstalling and reinstalling the browser will not fix the issue, and neither will tinkering with settings.
According to the researchers, the best way to remove the offending app is to look in Settings > Apps and notifications > Show all apps and delete it from there.
In its blog post, Kaspersky identified five fake Minecraft apps which were still available in the official Google Play store:
- Zone Modding Minecraft,
- Textures for Minecraft ACPE,
- Seeded for Minecraft ACPE,
- Mods for Minecraft ACPE,
- Darcy Minecraft Mod
One clue that could have raised suspicions amongst users was the polarity of reviews: either very good (5 star) or very bad (1 star).
The researchers explained that it was likely the five-star reviews had all been left by bots under the control of fraudsters, and the negative reviews from genuine users who had been tricked into installing the app.
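The review-polarity clue can be turned into a rough check on a listing's star histogram. The following is an added example, not code from Kaspersky or from this article; the thresholds, listing names and review counts are assumptions constructed for illustration.

```python
"""Flag app listings whose star ratings cluster at 1 and 5 stars (added example)."""

# Assumed cut-offs for illustration; they do not come from Kaspersky or the article.
MIN_REVIEWS = 50          # too few reviews says nothing either way
MIN_EXTREME_SHARE = 0.85  # 1-star + 5-star reviews as a share of all reviews
MIN_EACH_EXTREME = 0.20   # both ends must be well represented, not just one


def polarity(histogram):
    """Return (one_star_share, five_star_share, middle_share) for a {stars: count} dict."""
    total = sum(histogram.get(s, 0) for s in range(1, 6))
    if total == 0:
        return 0.0, 0.0, 0.0
    one = histogram.get(1, 0) / total
    five = histogram.get(5, 0) / total
    return one, five, 1.0 - one - five


def looks_polarized(histogram):
    """True when reviews are almost all 1-star or 5-star, with plenty of each."""
    total = sum(histogram.get(s, 0) for s in range(1, 6))
    if total < MIN_REVIEWS:
        return False
    one, five, _ = polarity(histogram)
    return one + five >= MIN_EXTREME_SHARE and min(one, five) >= MIN_EACH_EXTREME


# Constructed sample listings (made-up names and numbers).
SAMPLES = {
    "example-modpack": {1: 410, 2: 12, 3: 9, 4: 14, 5: 555},         # split between extremes
    "example-popular-game": {1: 60, 2: 40, 3: 110, 4: 290, 5: 500},  # usual skew to 4-5 stars
    "example-disliked-app": {1: 700, 2: 150, 3: 80, 4: 40, 5: 30},   # bad, but one-sided
    "example-new-app": {1: 3, 5: 4},                                 # too few reviews to judge
}


def flagged(samples=SAMPLES):
    """Names of the listings whose reviews look polarized."""
    return sorted(name for name, hist in samples.items() if looks_polarized(hist))


if __name__ == "__main__":
    for name, hist in SAMPLES.items():
        one, five, mid = polarity(hist)
        print(f"{name:22s} 1*={one:.0%} 5*={five:.0%} mid={mid:.0%} "
              f"polarized={looks_polarized(hist)}")
```

A polarized histogram is only a prompt to read the reviews themselves, since a legitimate app can also divide opinion.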
According to the firm, the number of users who have installed the apps ranges from 500 to an eye-watering one million. The apps identified by Kaspersky’s security researchers have now been removed from the Google Play store, but it does appear that Google is still failing to do a good job of properly weeding out unwanted apps like this before they end up on a large number of users’ devices.
Stay safe folks, and don’t assume that just because an app is in the official Google Play store you can trust that it is safe to install on your Android.