A malicious Google Chrome application that claims to be a browser-based version of Rovio’s new, yet still upcoming, ‘Bad Piggies’ game has infected more than 80,000 computers with adware.
The app itself has been distributed through the official Chrome Web Store, however the app installs a plugin that displays advertisements while users are browsing popular websites, not the upcoming Angry Birds title.
A report from security firm Barracuda Networks details the fake app, which is developed by “www.playook.info”:
Seven of these plugins are from the same source http://www.playook.info, a maker of ‘free’ flash games. A quick glance at the Whois records for playook.info tells us… nothing.
They hide their name behind Whoisguard, a very suspcious thing for a business to do. What’s more, installing these 7 plugins request a significant permissions: ‘access your data on all websites’.
According to the report, users who give the app permission to “access your data on all websites” are at risk of having their personal details — such as usernames, passwords, email addresses, and credit card information — stolen by the developer of the fake app. It recommends that those who have installed it remove it immediately, then change all their passwords.
Bad Piggies isn’t yet available for Google Chrome, so any app that claims to be Rovio’s title is nothing but a fake — which should be avoided at all costs. As should all the other Angry Birds titles “developed” by http://www.playook.info.
Even more fake versions of Angry Birds Bad Piggies have since entered the Chrome Web Store, to which can only recommend downloading any Angry Birds title from Rovio themselves, avoid all others!
The question is, what Google can do about this and learn from it, whilst their hasn’t been any claims of adware from any of the other versions, this is pretty poor practice for Google.