23 September 2015 14:40:55 IST

‘Candy Crush’ virus targeting Android users in India: report

Avid mobile gamers in India could be at risk as a virus bundled with popular games such as Candy Crush is reportedly attacking large number of users in India and stealing personal data, according to a report by IT security firm ESET.

The virus requests device administrator rights and is capable of pushing various notifications, downloading, installing and launching applications, and obtaining the user’s private information, but its main purpose appears to be to display full-screen advertisements on the infected device, ESET said in a report.

According to our telemetry, Android users in India are currently the most affected, with 73.58 per cent of these detections observed, according to ESET.

People affected by this virus, named ‘Android/Mapin’ by ESET, include those who downloaded games such as Candy crush or Jewel crush, Hill climb racing the game, Plants vs zombies 2, Subway suffers, Traffic Racer, Temple Run 2 Zombies, and Super Hero Adventure by the developers TopGame24h, TopGameHit and SHSH from the official Google Play store between November 24-30, 2013 and November 22, 2014.

The virus pretends to be a Google Play Update or an app named Manage Settings and takes 2-3 days to get activated after being downloaded, which prevents detection from Google’s Bouncer malware prevention system, according to ESET.

According to MIXRANK, a display ad intelligence company, Plants vs zombies 2 had over 10,000 downloads before it was pulled.

During the period, System optimiser, Zombie Tsunami, tom cat talk, Super Hero adventure, Classic brick game and the applications mentioned earlier from Google Play Store, packaged with same virus, were uploaded to several alternative Android markets by the same developers, according to ESET. Android phones comprise 82.8 per cent of smartphones market globally, according to market research firm IDC.

“The popularity of Android in India makes it an attractive target for cyber criminals. The fact that users in India were the most affected by Dropper Mapin Trojan that is well detected by our anti-malware solution, leads us to think that users in India are still unaware about basic security practices when it comes to smartphones,” said Zakir Hussain, Head of ESS Distribution, Exclusive distributors of ESET products in India.

Growing malware Although the number of users having solid anti-malware apps installed on their smartphones and tablets is growing in India, the number of malware created for smartphones is growing at a much faster pace. All these infected games are still available for download from Android market places other than Google Play and have been downloaded thousands of times, ESET said.