back to article One MEEELLION users download Facebook-pwning droid game

Threat researchers at security vendor ESET say a malicious Facebook-creds-stealing trojan masquerading as an Android game has been downloaded up to a million times. ESET chap Robert Lipovsky says the Cowboy Adventure game, and another also malicious game dubbed Jump Chess, has been since removed from Google's Play code bazaar …

  1. Ed Courtenay
    Paris Hilton

    Confused

    "The VXers were smart to use the Mono framework as it allowed them to evade analysis and set a location-based trigger to deactivate the malicious features and avoid antivirus detection."

    Do what now? What part of the Mono framework has suddenly become a virus writer's wet dream to allow their malware to evade analysis?

  2. Mystic Megabyte
    FAIL

    Navfree

    I had Navfree which changed itself to Navmii when it updated. Now it seems to be pushing malicious adverts* so I've uninstalled it. Anybody know of good Sat Nav, I don't mind paying for one if it works well.

    *I had a pop-up saying that my phone had been selected for a prize. Well duh, I don't think so.

    1. goldcd

      Google Maps/Navigate if you want something free

      If you want something that works offline, I like Co-pilot.

      Works well and has sanely priced maps with free updates.

      To be honest though, Google is what I use day to day and just use Co-pilot abroad if I'd otherwise be paying for roaming data.

      1. Jimmy2Cows Silver badge
        Thumb Up

        CoPilot

        Seconded. I don't want a constant data connection active, so spent a while researching the alternatives, and CoPilot came out on top for my needs. Got it on my phone, in my cars. Offline maps, regular updates, lots of features.

    2. arnieL

      Re: Navfree

      Nokia Here maps does for me.

  3. Anonymous Coward
    Anonymous Coward

    Cowboy game

    I guess it just held up the Deadwood stagecoach and headed off to the badlands with the gold.

    1. Bloakey1

      Re: Cowboy game

      Yep. They were headed straight for town, loaded down with their fancy cargo, care of Wells and Fargo Illinois.

      I am glad to say they are not very good friends of mine.

      A real Calamity <sic>.

  4. Anonymous Coward
    Anonymous Coward

    Annoying...

    Why do their lousy phone games get so many downloads? My lousy game is in double figures on Android.

    1. Ralph B

      Re: Annoying...

      From the article: Fang says the scam spread to users in a victim's contact list, and likely used automated scripts to spread over social media.

      Maybe you should try adding this functionality to your lousy game. Unless you're a decent person.

  5. Lexxy

    Definitely stolen, not created

    I've seen that game before. It's an example game project included with the .NET game development SDK - Microsoft XNA Framework - which had exactly two levels. They don't appear to have made any changes whatsoever to the original sample, so it looks like they've just added malware, wrapped it for Android consumption and shipped it.

    Edit: I looked it up, this ought to look familiar: http://blogs.msdn.com/b/davrous/archive/2011/09/09/html5-platformer-the-complete-port-of-the-xna-game-to-lt-canvas-gt-with-easeljs.aspx - seems you can easily add new levels too via a simple text based map formatting.

  6. Christopher Reeve's Horse
    Coffee/keyboard

    TinkerAccountLibrary.dll

    Are you shitting me!?

    It's 2015 and your OS accepts a library with 'TinkerAccount' in the title?

    1. Destroy All Monsters Silver badge
      Paris Hilton

      Re: TinkerAccountLibrary.dll

      Are you some kind of politician or PHB?

    2. Derpity
      Trollface

      Re: TinkerAccountLibrary.dll

      Are you shitting me?

      Its 2015 and your orderlies still allow you internet access?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like