to its name. The Scary Granny ZOMBYE
Mod: The Horror Game showed malicious behavior and is allegedly stealing
users’ credentials after they log into their accounts.
the success of another Android game dubbed “Granny” with 100 million installs
as of now.
phishing and siphoning abilities, the fully functional game was taken down from
the Google Play Store.
exhibit any malicious activity up to 2 days to steer clear of security checks.
being used on older Android versions with users with new devices which run up
itself on the smartphone or tablet and tries to gain the trust of the users.
still shows full-screen phishing overlays.
Google Security Services” and the moment they hit ‘update’ a fake Google Login
page appears which looks almost legitimate except for the incorrectly spelled “Sign
go on to try to harvest account information like recovery emails, phone
numbers, verification codes, DOBs and cookies.
of the Android apps. For example, com.googles.android.gmspackage
attempts to pass itself as the original com.google.android.gms
also display some really legitimate looking ads from other prominent applications
like Messenger, Pinterest, SnapChat, Zalo or TikTok.
game would make it appear that apps like Facebook and Amazon were actually open
when actually they are only ads pretending to be actual applications.
In one of the cases the
researchers tried out, the ad directed the user to a page which Google blocked flagging
it as being deceptive which clearly implies that it hosts malware or a phishing
After connecting with an
ad network by way of com.coread.adsdkandroid2019
package, the ads would get distributed to the compromised Android devices.
the profit for its creators, the Scary Granny would try to wrest money form the
users by asking them to pay for their playing privileges via a “pre-populated
PayPal payment page”.