Fake Angry Birds follow-up – Bad Piggies game: 80,000 Chrome users victims of ad injection
Barracuda Labs’ new research reveals how complacency to data permissions could allow cybercriminals access and misuse user email addresses and online credit card information
Last month, Rovio, the company behind hit game, Angry Birds, released a new puzzle video game called Bad Piggies. The game was easy to download for Apple and Android users, Android (free) iOS (£0.69), and Mac (£2.99) and hit the top spot in the App Store after only 3 hours. A free fake version of the game for users without an Apple or Android device quickly followed. Excited users who thought they had found a free version of the game became exposed to a flurry of irritating ads and unknowingly could have allowed cyber criminals access to their credit card details.
To install one of the counterfeit games, users are requested permission to ‘access your data on all websites’ in order to play a game. Users who clicked ‘agree’ run the risk of getting their browsers hijacked. The plug-in authors can acquire all the web data when users browse the Internet with Google Chrome. They are then able to misuse users’ information, such as stealing user email addresses and online credit card information.
Highlighted findings from the Barracuda Labs study include:
• Searching for “Bad Piggies” in the Chrome Web Store turns up at least eight ‘free’ matches
• All of the matches have “Bad Piggies” in their game descriptions, so that they show up when you search for the game
• Seven of the eight fake versions of the game found come from the same source (playook.info)
• When installing any of the fake versions, a request to “access your data on all websites” flashes up before the user is able to play a game
• None of the counterfeit versions of the game are authentic: they are not Bad Piggies, but are just pigs-shoot-birds games
• Once installed, so too are additional ads, which pop up on popular websites such as Angry Birds’ Chrome site, Disney, eBay, IMDB, Kickass Torrents, MSN, MySpace, The Pirate Bay, Yahoo, V9 and 9Gag
Barracuda advises: “When installing a plug-in inside the Chrome web store, consider the requested permissions with a critical eye toward the intent of the plug-in. If the plug-in requests any permission that does not seem reasonable, do not install it. If you have already installed, uninstall it immediately and change your passwords on other websites if possible.
As Chrome gains more browser market-share, Google should provide better secures solutions on Chrome web store to protect its users. Until then, it’s especially important the Chrome users know how to protect themselves.”
About Barracuda Labs
Barracuda Labs is a global multi-disciplinary research and threat analysis team that fulfills a critical role in developing innovative technologies across Barracuda Networks' business areas. The team evaluates the threat ecosystem and creates security intelligence to defend Barracuda Networks customers. Barracuda Labs' threat research areas, which include email, Web, network and cloud security and technology, are designed to improve the world’s security posture by promoting security awareness and education, developing and innovating new defense technologies, and working with government and law enforcement agencies to reduce cybersecurity crime. For more information, please visit www.barracudalabs.com.
About Barracuda Networks Inc.
Barracuda Networks combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content and network security, data protection and application delivery solutions. The company's expansive product portfolio includes offerings for protection against email and Web threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L'Oreal, and Europcar are among the more than 150,000 organisations protecting their IT infrastructures with Barracuda Networks' range of affordable, easy-to-deploy and manage solutions. Barracuda Networks is privately held with its International Headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com.
Rosie Anderson / Chris Netto
+44 (0) 1252 717 040