Flappy Bird Removed From App Stores
Flappy Bird creator Dong Nguyen has revealed on Twitter that the game's incredible popularity has ruined his simple life.

The fake Flappy Bird apps which appeared after the original was removed are using your phone to send premium rate messages.

According to detections by Malwarebytes and Trend Micro, fake versions of Flappy Bird are spreading online.

Trend Micro said that the fake Flappy Bird apps have exactly the same appearance as the original version and all of the fake versions it had seen so far sent messages to premium numbers, thus causing unwanted charges to victims' phone bills. After the game is installed and launched, the app will then begin sending messages to premium numbers.

Other fake versions have a payment feature added into the originally free app and, if the user refuses to pay, the app will close.


Also according to Malwarebytes, a free game has been detected not only for Android, but also for iOS. Malwarebytes security researcher Chris Boyd said that clicking the link took the user to surveys, which have now been taken down.

He said: "Each clickable option took us to mobile-centric sign up pages, where links typically required some form of mobile number sign-up and/or payment to process. As much as I like our little flapping pal, I made my excuses and left.

"The Flappy Birds scam on the blog actually sits outside the iTunes store on this occasion - all of the clickable links take the end-user to various survey scam offers, and they all try to convince them to sign up to cash-draining mobile messages."

Not surprising

Creator Dong Nguyen originally gave no reason for taking the game down, saying via his Twitter page that he was taking it down as he could not "take this anymore" and it was "ruining his simple life.

Michael Sutton, vice president of security research at Zscaler, said he was not surprised that there are malicious versions of Flappy Bird showing up on third party app stores, as malware authors constantly take advantage of popular games by posting cloned/malicious versions in third party app stores.

"In this case they have an even better angle - offering a desirable app that is no longer available. As we've often had to learn that hard way - 'if it seems too good to be true...it probably is'," he said.

Very rare

Sutton said that he doubted that a malicious version would make its way into the official Google Play store, especially given the attention that this issue has garnered. "How popular a malicious version would rank in a third party app store would depend upon how the store measures popularity, but without the need to compete with an official version of the app, the malware author would certainly have an opportunity to promote their cloned app without any official competition," he said.

"As for the Apple App store, while this is possible, it is very rare for cloned/malicious apps to appear there. It is much more likely that we will see these apps in third party Android app stores."

Dan Raywood is editor of IT Security Guru.

IT Security Guru