A fake app on the Google Play Store that offered free and paid firmware updates for their Samsung devices was downloaded by over ten million Samsung device users before being spotted by a security researcher. The app is still live on the Play Store.
According to Aleksejs Kuprins, malware analyst at the CSIS Security Group who spotted the fake adware, the app uses all the techniques required to appear genuine to users and not only offers free firmware upgrades for Samsung devices, but also offers paid annual subscriptions for firmware upgrades.
Named "Updates for Samsung", the app features news and Android tutorials from a website called updato.com and offers a number of firmware updates for Samsung devices on its "Download Firmware" section. Users are either given the option of downloading a firmware for free or to opt for a paid annual subscription that allows them to download firmware at greater Internet speeds.