/FakeApp discovered on Google Play Store which increases download count and rating of other applications.

FakeApp discovered on Google Play Store which increases download count and rating of other applications.

Estimated reading time: 3 minutes

Quick Heal Security Lab has spotted few FakeApps with more than 50,000+ installations on Google Play Store. These applications appear to be genuine as a PDF reader, PDF Downloader, PDF Scanner etc., but don’t have such functionality. The main purpose of these apps is to increase the download count of other applications and improve their ratings.

Fig 1. List of application present on Google Play Store.

These applications prompt users to download and rate 5 star to sponsor apps in order to unlock this application. After installation of other application and rating, the user will be able to use the PDF reader after 24 hours. But after 24 hours, the same loop starts. It asks users to login with some created password and asks them to download the same application to unlock the application.

Fig 3. PDF converter with 50k+ downloads count

Fig 3. Login page and sponsored app download applications.

The application just loads a URL “https://shar*********.blogspot.com/p/index.html” and displays the above webpage. It does not have any permissions in manifest related to PDF reader or converter.

The basic intention of this application is to increase the download count and good rating of sponsored apps. The sponsored application also does the same thing. In order to use other applications, first user should rate and download sponsored app. This is the trick of the author to increase the download count to earn revenue in the easiest way.

Users should be careful while downloading such fake applications. User can easily recognize it by going through review. We have reported these applications to Google.

Fig 4. Users review.

Here is the list of package name with MD5 :

Package Name

MD5

com.frenzy.live

8d9bb39840bcf8c751418cb691eb8893

com.shartel.pdfebookconverter

46d45604a170a22a113d8f645ebca62c

com.shartel.pdfebookreader

71b392ffa80e96d63dfd08410cbd5b3d

com.shartel.pdfebookdownloader

b1e787f0ad43a1ccead89071d8532725

com.shartel.pdfscannerocr

dd519b9901cd544e0016331ccf666670

Quick Heal Detection

Quick Heal detects this application as :

Package Name Detection Name
com.frenzy.live Android.Fakeapp.A3f8f
com.shartel.pdfebookconverter Android.Fakeapp.A3f93
com.shartel.pdfebookreader Android.Fakeapp.A3f90
com.shartel.pdfebookdownloader Android.Fakeapp.A3f91
com.shartel.pdfscannerocr Android.Fakeapp.A3f92

How to stay safe from fake mobile apps

1. Check an app’s description before you download it.

2. Check the app developer’s name and their website. If the name sounds strange or odd, you have reasons to suspect it.

3. Go through the reviews and ratings of the app. But, note that these can be faked too.

4. Avoid downloading apps from third-party app stores.

5. Use a reliable mobile antivirus that can prevent fake and malicious apps from getting installed on your phone.

Have something to add to this story? Share it in the