Rovio warns of malware posing as Angry Birds Space

13 Apr 2012

Mobile game developer Rovio and security firm Sophos have both warned of a malicious programme placed on unofficial Android app stores which poses as Rovio’s latest game, Angry Birds Space.

The game has proven to be very popular since its release last month, receiving 10m downloads in just three days, which has seemingly made it an attractive cover for malware producers.

According to Sophos, fake versions of Angry Birds Space have been uploaded to unofficial app stores which contain a Trojan called Andr/KongFu-L.

While the app appears to contain a full version of the game, it uses the GingerBreak exploit to gain root access to the device and install malware. The malware is disguised as two malicious ELF files at the end of a JPG image file.

This malicious software then makes the Android phone a part of a botnet and uses the phone to download more code and to push URLs to the browser.

Rovio has also warned of malicious versions of Angry Birds Space, telling users to download the game its own official shop. Sophos pointed out that the malware was not found on Google’s official app store Google Play and warned users to be careful when downloading applications from unofficial Android app stores due to such malware risks.