A fake app called “Updates for Samsung” that promises Android firmware updates has been spotted on Google Play.
ZDNet
According to a new report, over ten million users have been duped in installing a fake Samsung app that promises firmware updates, but, in reality, redirects users to an ad-filled website and charges for firmware downloads.
Called “Updates for Samsung,” the app has more than 10 million downloads and is still in the Google Play store as of today. Aleksejs Kuprins, who works for the CSIS Security Group in Denmark, detailed the app’s apparent sleazy dealings in a blog post.
“Besides being stuffed with advertisement frameworks and not being affiliated with Samsung (yet distributing their firmware), the app offers paid subscriptions for the downloads of the said firmware,” Kuprins wrote. “A user can get an annual subscription for Samsung firmware update downloads for a small fee of $34.99.”
The app takes advantage of the difficulty in getting firmware and operating system updates for Samsung phones, hence the high number of users who have installed it.
“It would be wrong to judge people for mistakenly going to the official application store for the firmware updates after buying a new Android device,” said Kuprins. “Vendors frequently bundle their Android OS builds with an intimidating number of software, and it can easily get confusing.”
The app also claims to let users unlock their SIM cards for any operator by paying $19.99 USD. However, it handles the transaction for the SIM unlock service through an informal source — not via Google Play subscriptions.
At the time of filing this story, the Updates for Samsung app is no longer available for download through Google Play. Users are, however, recommended to use the formal source for downloading firmware updates — instead of relying on an unofficial source. Samsung, just like other Android OEMs, provides a native option to download software updates by going to the settings menu.
