Virus-laden Minecraft making rounds on Russian app stores

A version of Minecraft - Pocket Edition that costs half as much as the original and comes embedded with a Trojan virus is being circulated through third-party app stores, reports F-Secure.

The app is currently making the rounds on Russian app stores, according to F-Secure, and is being sold for €2.50 — whereas the real Minecraft for Android costs €5.49.

The malicious app includes the full game plus one additional permission that grants the app access to utilize users' phones to send text messages. These messages are sent to "premium rate numbers" in Russia and could do a number of things, such as sign users up for service subscriptions to adding more charges to users' phone bills.

F-Secure reports that Minecraft developers Mojang included some security measures in Pocket Edition, including a failsafe that won't run the app unless it detects Mojang's sign-in signature in its code.

"The original Minecraft includes a check inside the dex code that verifies the signature that has been used to sign the APK," F-Secure explains. "If it's not [Mojang's], the code refuses to run." But the creator of the Trojan attached to the fake Minecraft includes a tool that tricks this failsafe and allows it to run.

Users should beware this cheaper app and enable default restriction for installation of third-party applications on mobile devices.

Read These Next

Latest Discussions

X
Log In Sign Up

forgot?
Log In Sign Up

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

Spinner.vc97ec6e

Authenticating

Great!

Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.

tracking_pixel_5353_tracker