The developer of fake Flappy Bird app took advantage of the user's "carelessness" of granting the permissions to Android apps.
A forum post on anonymous image board AnonIP shows that the group of hackers may have used a cloned Flappy Bird app to steal and collect the naked photos of females from their Android devices and then send them to remote servers.
The post on a hackers' forum, written in late July this year, was discovered by security consultant Nik Cubrilovic. It detailed how the supposed developer had developed a malware-ridden “clone” of Flappy Bird app for Android devices that would exploit app permissions granted during installation in an effort to steal the photos.
“I am a fucking genious [sic]… Hear me out. I.. modded… the app,” the developer explained in the post. “It now secretly downloads all of the phones pictures to my server when the game is running. Note: this app will only work for android,” he added.
The developer want to release a copy of cloned Flappy Bird app on the Google’s Play Store but he didn’t want to risk his developer license, as the app violates Google play’s terms. But, to solve the problem, he was searching for a second developer account, specifically created for the purpose of stealing pictures from infected Android devices.
He also asked for financial support from his fellow anons in order to make a second Google Play developer account and promises to “post any wins [stolen photos] obtained in this thread.” A new developer licence cost $20.
All game is based on the users’ negligence to check the permissions of mobile apps they granted without even knowing of the fact that any app is asking access to your device’ stored photographs. It is extremely phishy, but many of you don’t even pay attention to these details and accept those permissions blindly.
Flappy Bird, developed by a 29-year old, Dong Nguyen, was one of the top free gaming apps on Google’s Play Store. But after the developer of Flappy Bird pulled the gaming app from both the Apple and Google app stores, it led to the creation of dozens and dozens of Flappy Bird clones, out of which many identified as malicious.