10 million Samsung users have installed a fraudulent update app: report [update]

Don't download Updates for Samsung


Approximately 10-million Samsung device owners have installed a fraudulent app called ‘Updates for Samsung,’ according to a report by the CSIS Security Group.

The app’s developer, Updato, markets the app to Samsung owners as a one-stop shop for all their firmware needs. That is software that Samsung offers to its customers for free as part of their device purchase.

Not only does the app include a significant number of ads, it offers a $35 annual subscription that promises customers access to all the firmware ever released for their particular device. Moreover, instead of using the Play Store’s secure subscription API, Updates for Samsung asks individuals to add their credit card information directly within the app, which, it goes without saying, is not a safe practice.

If all of the above weren’t bad enough, the app offers a free tier — and I use the term ‘free’ very loosely here — that allows one to download all the firmware updates the app offers at snail-like 56Kbps.

In short, Updates for Samsung is a scam, and yet the app has a four-star rating across approximately 86,000 reviews.

At the time of writing, the app is still available to download via the Play Store. Its continued presence there raises questions related to how Google could allow such an obviously fraudulent app onto its digital marketplace. On the flip side, its popularity speaks to just how passionate people are about their smartphones.

Update 8/07/18: Google has removed Updates for Samsung from the Play Store. In a statement issued to The Verge, the search giant said it suspended the app for violating its policies. Google did not state the specific policy which Updato, the app’s developer, violated.

Source: CSIS Security Group Via: Next Web