Skip to main content

Fake Minecraft App Targets Android Gamers with Malware

Take care when downloading mobile apps, particularly those from third-party sources.

This article first appeared on USgamer, a partner publication of VG247. Some content, such as this article, has been migrated to VG247 for posterity after USgamer's closure - but it has not been edited or further vetted by the VG247 team.

If you've done any browsing of iOS' and Android's respective app stores recently, doubtless you've noticed that a worryingly large number of misleading apps get through the quality control procedures that are in place.

Minecraft is a common target for scammers to use, since it's such a popular, recognizable game and many players -- particularly in the younger end of the market -- are keen to be able to play it on the go. This is already possible thanks to Mojang's official release of Minecraft: Pocket Edition on both iOS and Android, but with $6.99 being considered "expensive" for a mobile game, scammers often take advantage of those looking for a cheaper -- or even free -- version of the game that they like.

In the closed ecosystem of iOS, these Minecraft clone apps tend to take the form of simplistic games that use screenshots of Mojang's game in their App Store descriptions rather than accurate depictions of the gameplay. They can usually be recognized by the combination of these screenshots, a swathe of copy-pasted obviously fake five-star reviews and a similar swathe of angry one-star reviews from people who downloaded the game expecting Minecraft and actually got something completely different.

In the more open ecosystem of Android, however, things are significantly more dangerous due to the platform's ability to install third-party apps and access a much broader array of permissions. And, as you might expect, this makes it a prime target for scammers.

PCMag reports that the latest threat to Android gamers comes in the form of a hacked version of Minecraft Pocket Edition that uses players' phones to send SMS messages to premium rate phone numbers in Russia, potentially subscribing players to services they do not want or adding money to their bill in the same way that "text DONATE to [number]" charity drives work.

The report notes that the app is currently confined to several third-party Russian app stores rather than more reputable sellers such as Google Play and Amazon Appstore. Sometimes dodgy apps still slip through the net, though, so be sure to check carefully before handing over your money for an app. You should pay particular attention to the permissions a game is requesting -- something like Minecraft obviously has no need to access your phone's text messaging facility, so an app claiming to be Minecraft that does request access to this particular permission should immediately ring alarm bells.

With the sheer number of apps being released every day on both iOS and Android, the vetting process at each of the various app stores out there isn't perfect and can sometimes put players at risk. Take care and read descriptions carefully before downloading anything -- particularly apps that cost money up front.

Read this next