Fake BBM app fools 100,000 Android users by targeting rumored release date

Cybercriminals cashed in on an internet rumor to fool 100,000 Android users into downloading a fake BlackBerry Messenger (BBM) app for Android.

The fake BBM app - masquerading as an eagerly awaited download, and released to coincide with a rumored release date - instead delivered adware. The app had been downloaded 100,000 times before Google removed it from Play Store, according to a report by CNET.

BlackBerry Messenger (BBM) is a popular messaging system and “mobile social network” currently bundled with BlackBerry’s operating system - but the company announced in May this year that the software would launch on iOS and Android.

Persistent internet rumor suggested that the product was to launch on June 27 - so scammers launched the fake BBM app called “BlackBerry Messenger BBM” last week, with the developer name listed as RIM. Research in Motion was a previous name for BlackBerry.

When launched, the app showed a screen suggesting that it would begin working on June 27 - then attempted to persuade users to authorize an advertising service on their handsets.

ESET Security Evangelist Stephen Cobb discusses some of the wider security issues around Android in a blog post here.