Kaspersky has identified a fake application that is
designed to trick users into thinking it is a certified version of FaceApp but
goes on to infect victims’ devices with an adware module called MobiDash.
Once the application is downloaded from unofficial
sources and installed, it simulates a failure and is subsequently removed.
After that, a malicious module in the application rests discreetly on the
user’s device, displaying adverts.
According to Kaspersky data, around 500 unique users
have encountered the problem in two days this week, with the first detections
appearing on July 7t. There were almost 800 different module
modifications identified.
“The people behind MobiDash often hide their adware
module under the guise of popular applications and services,” says
Igor Golovin, security researcher at Kaspersky. “This means that the
activities of the fake version of FaceApp could intensify, especially if we are
talking about hundreds of targets in just a few days. We urge users not to
download applications from unofficial sources and to install security solutions
on their devices to avoid any damage.”
Kaspersky products detect and block the threat as not-a-virus:HEUR:AdWare.AndroidOS.Mobidash.