Researchers found fake Samsung firmware update app with 10 million installs

Over 10 million users have been tricked into installing a fake Samsung firmware update app called “Updates for Samsung,” which promises a firmware update, but actually redirects users to an ad-filled site. The firmware download fee is charged. A few days ago, Aleksejs Kuprins, a malware analyst at CSIS Security Group, released a report on suspicious behavior of the application and contacted the Google Play store to ask Google to consider removing the app.

It is reported that the website does provide free and paid Samsung firmware updates, but the website will limit the free download speed to 56 KBps, and some free firmware downloads will eventually display a timeout. In this way, the app induces the user to purchase an advanced software package worth $34.99 in order to be able to download any file.

Hundreds of users downloaded the app and complaining that the site was just an ad-infested hellhole, and most people couldn’t find what they wanted there. All in all, it is not malware in the traditional sense, it does not perform any malicious operations without the user’s consent. However, the app has “fraud”, “fraud” or arguably an “adware”.

Source: ZDNet