Bitdefender researchers have recently spotted something that could be the beginning of paid promotions through Facebook, and believe that the approach can very easily be used for peddling malicious mobile apps.
The realization came with the discovery of duplicates of legitimate Facebook “dating” apps.
The duplicates use the same names as the original ones (Lista de Verificación del Amante Ideal and Lista de Verificare pentru Iubit(a)), but perform differently.
While the legitimate ones scan the user’s Facebook contacts and list potential partners, the clones instead detect whether the user is on a mobile device and, if so, redirect the user to a random Google Play game.
So far, none of the games/apps (or pages, for that matter) to which the users get redirected are malicious, but it can and probably will happen.
“Cross site scripting is nothing new; however, this is one of the few times when a direct correlation between Facebook and promoting Android apps via redirecting mobile traffic has been reported,” says Bitdefender.
“Visiting the link from your desktop PC is safe, but if you’re accessing the same app from your Android handset, things become risky.”