STE WILLIAMS

Fake BlackBerry BBM apps *still* in Google Play Store, one month after failed official release

It’s now one month since BlackBerry’s ill-fated non-release of its BlackBerry Messenger (BBM) app for Android and iOS.

The beleaguered mobile phone maker was all set to launch BBM on the Android and iOS platforms last month, before pulling the product at the last minute.

In fact, the app did reach Android users, but only briefly, and not with BlackBerry’s blessing.

Ironically, even though BlackBerry enthused about “1.1 million active users in the first eight hours, without even launching the official Android app,” it was also forced to admit the the unofficial release “caused issues” – issues so severe that the product still isn’t out.

But the app, or numerous shabby imitations of it, are still popping up in the Play Store a full month later.

It’s not surprising to see cybercrooks trying to take advantage of heavily-anticipated product releases, but in this case the official product remains very publicly unreleased, which you might hope would make Google quadruply suspicious of imposter apps.

The situation is calmer now than when I checked last week, when there were dozens of apps looking just like #4 above.

But even a few bogus apps are too many, given that all of the ones I’ve looked at with green logos seem to have identical imagery and the same drivellous description, starting like this:

Blackberry Messenger Full Edition!!!

For All Android Devices and also it is FREE!!!

And this descirption is 100% BELEIVABLE, IS’NT IT?!?!?!?

It doesn’t say the last line, of course – I made that up – but it might as well.

Worse still, the descriptions generally end with keyword stuffing – padding the text with unrelated search terms in order to get search engines to recommend the false app under doubly false pretences.

Those keywords probably won’t do much to deter the average vistor, despite their peculiarity (they’re down at the bottom), but you’d have thought they’d trigger alarm bells at Google when it vetted the app, given that they include bogosities such as these:

Sadly, we’ve written about fake apps in the Play Store before, with similar surprise at how on earth the imposters could have got there at all.

For example, we’ve had fake Apple apps, which I’m sure you might have expected Google to spot proactively, given that Apple has something in the way of a rival mobile ecosystem, and doesn’t actually produce Android apps at all.

Same thing all over again with Nintendo, which doesn’t publish its games on Android, yet was the victim of bogus apps that surely should have been obvious.

And we’ve had companies that do produce Android apps targeted by imposters with apps that don’t even try to look like or behave like the original.

Of course, I’m not implying that it would be less dodgy if the crooks showed enough respect to rip off their victims more faithfully.

But it does make we wonder what Google is looking out for – I get a mental cartoon image of a bearded burglar, clad in prison garb and carrying a giant bag labelled “SWAG,” meeting Google as a policeman with a speech bubble saying, “Now then, ma’am, have you seen any suspicious looking characters round ‘ere?”

The Play Store isn’t supposed to be perfect – it’s meant to embrace big and small developers alike, and to bring lots of choice of free and paid apps.

But it is the official place to get apps, and if you want to install apps from anywhere else, Android makes it clear that “there be dragons”:

Judging by the dialog telling you that you have to take sole responsibility if you shop outside the Play Store, it certainly sounds as though Google officially claims at least some responsibility for what is inside it.

So it is a disappointment to see the Play Store apparently so easily abused like this, and Google really needs to clean up its patch.

Just about two years ago, Google’s Open Source Programs Manager, Chris DiBona, came out with am extraordinary claim.

He said that “if you work for a company selling virus protection for Android, RIM or iOS you should be ashamed of yourself.”

DiBona seemed to think that protecting what got into Play Store in the first place that was the right way to attack the problem:

All the major vendors have app markets, and all the major vendors have apps that do bad things, are discovered, and are dropped from the markets.

But when screensful of fake BlackBerry apps can flood the Play Store at the same time, and apps from mobile market rival Apple can appear without any apparent sense of irony, Google obviously still has plenty of work to do.

(The silver lining, I suppose, is that I guess I no longer need to feel ashamed at working for a company that makes an Android Anti-Virus.)

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/wRpmtbhxXjU/

Comments are closed.