80,000 Chrome users fall victim to fake game
Dubai, October 10, 2012
More than 80,000 users of the Google Chrome browser have fallen victim to counterfeit Bad Piggies game, according to research from Barracuda Networks, a leading provider of security, networking and data protection solutions.
The study from Barracuda Labs found that as a fake version of the game is installed, so too is a plug-in that displays additional advertisements on popular websites such as Yahoo and MSN.
Last month, Rovio, the company behind hit game, Angry Birds, released a new puzzle video game called Bad Piggies. The game was easy to download for Apple and Android users, Android (free) iOS (£0.69), and Mac (£2.99) and hit the top spot in the App Store after only three hours.
A free fake version of the game for users without an Apple or Android device quickly followed. Excited users who thought they had found a free version of the game became exposed to a flurry of irritating ads and unknowingly could have allowed cyber criminals access to their credit card details, the study said.
To install one of the counterfeit games, users are requested permission to 'access your data on all websites' in order to play a game.
Users who clicked 'agree' run the risk of getting their browsers hijacked. The plug-in authors can acquire all the web data when users browse the Internet with Google Chrome. They are then able to misuse users' information, such as stealing user email addresses and online credit card information, it said.
Highlighted findings from the Barracuda Labs study include:
* Searching for "Bad Piggies" in the Chrome Web Store turns up at least eight 'free' matches
* All of the matches have "Bad Piggies" in their game descriptions, so that they show up when you search for the game
* Seven of the eight fake versions of the game came from the same source (playook.info), a maker of "free" flash games
* When installing any of the fake versions, a request to "access your data on all websites" flashes up before the user is able to play a game
* None of the counterfeit versions of the game are authentic: they are not Bad Piggies, but are just pigs-shoot-birds games
* Once installed, so too are additional ads, which pop up on popular websites such as Angry Birds' Chrome site, Disney, eBay, IMDB, Kickass Torrents, MSN, MySpace, The Pirate Bay, Yahoo, V9 and 9Gag
Barracuda said: "When installing a plug-in inside the Chrome web store, consider the requested permissions with a critical eye toward the intent of the plug-in. If the plug-in requests any permission that does not seem reasonable, do not install it. If you have already installed, uninstall it immediately and change your passwords on other websites if possible.
"As Chrome gains more browser market-share, Google should provide better secures solutions on Chrome web store to protect its users. Until then, it's especially important the Chrome users know how to protect themselves," it said. - TradeArabia News Service