Posted on July 23, 2019 at 11:22 AM
Fake FaceApp Infects Mobiles With Malicious Malware
MobiDash malware is hiding within illegitimate FaceApp installations, compromising devices globally, and installing malicious advertising software.
MobiDash Infection
On 7 July 2019 cybersecurity firm Kaspersky first highlighted the issue when multiple users noted problems once they downloaded FaceApp via unofficial sources. First, the app looked as though it had not installed correctly. Then it seemed like the install failure triggered a removal protocol. However, instead of being removed, devices were surreptitiously infected with MobiDash malware. Twitter has been awash with reports of this news.
It is not clear how many devices have been infected in total. Kaspersky reported that since 19 July there have been at least 500 different and individual compromises all within a 48-hour timeframe.
MobiDash first appeared “on our screens” last spring. Removal of this malware is not easy as many Android users have found.
FaceApp Challenge and Cost Opens the Door to Infection
FaceApp is a popular app used to transform your face using AI (artificial intelligence). It grew in popularity on release in January 2017, and it is growing again since its AI-based old-age algorithm produced a range of celebrity snaps. With more than 12.7 million users reportedly downloading the app over the last two weeks, in a rush to complete the widespread FaceApp Challenge, enterprising malware developers capitalized on this chance to infect devices.
Essentially the FaceApp challenge is about taking a photo of yourself as you are today and using the apps AI to predict what you could look like when you are older. The challenge has taken Instagram by storm, and even celebrities are joining in the fun. However, the software offers in-app purchases costing up to nearly US$50. With costs running so high, it’s no wonder some users attempted to download fake versions of the app for free. That said, the app does offer a free trial period.
This is where MobiDash developers saw an opportunity to strike – deploying their malware. First, they created a FaceApp download that looks highly legitimate, available on third-party app stores. Then they made it look like the installation failed. From the users’ perspective, they think the app has been successfully removed. However, the MobiDash adware was hidden within the process, now living on the device and continually throwing up annoying ads.
Unfortunately, this particular piece of malware can be tricky to remove since it’s usually listed as device administrator software. However, it manages to remain absent from the administrator list.
FaceApp Hitting the Headlines Again
This is not the only time FaceApp has been in the news this month. Only last week, not long after the viral surge of posting aging-AI-generated photos became a global sport, experts vocalized their concerns over privacy.
Once users agree to the app’s terms of service, they are granting the developers irrevocable, nonexclusive, royalty-free title to the images used and the freedom to reproduce, adapt and publish in whatever manner they choose.
There were additional concerns that the app could scrape data from a user’s photo album, messages, or location. These worries strengthened when users learned that the FaceApp development team is Russian-based. Presidential Candidates were warned by the Democratic National Committee not to use the app. US authorities are investigating the security concerns raised.
Preventing the Issue
The creators of MobiDash regularly hide their adware modules within cleverly disguised applications and services, looking for any opportunity to attack. This means that despite the reports on this issue, activities of the fake FaceApp could intensify. Users are advised not to download software from unofficial sources. Also, users are encouraged to install security solutions on their devices.
There are other security measures a user can take. Read reviews and ratings of apps before downloading them. License agreements are always wise to read as sometimes you could be legitimately agreeing to advertise malware. There are also security solutions you can install on your devices to serve as a further security layer.