{"id":8439,"date":"2017-07-25T02:20:26","date_gmt":"2017-07-25T10:20:26","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/07\/25\/news-2213\/"},"modified":"2017-07-25T02:20:26","modified_gmt":"2017-07-25T10:20:26","slug":"news-2213","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/07\/25\/news-2213\/","title":{"rendered":"Beware of these fake apps on Google Play Store that use \u2018Jio\/Jeo\u2019 in their names"},"content":{"rendered":"<p><strong>Credit to Author: Quick Heal Security Labs| Date: Mon, 24 Jul 2017 12:53:52 +0000<\/strong><\/p>\n<p>Jio took the Indian telecom market by storm when it made its entry with free unlimited calls and data offers. People went into a kind of frenzy for acquiring this service. And with its \u2018truly unbelievable\u2019 offers, Jio also launched an array of apps in the Google Play Store such as Jio4GVoice, JioChat, JioMusic, etc. And unsurprisingly, these apps also became popular with many. And this is where cybercriminals came into action. Recently, Quick Heal Security Labs found 3 fake apps in the Play Store that go by the names \u2018Jio Speed Booster\u2019, \u2018JEO Validity Extender&amp; Checker\u2019, and \u2018JWO Validity Extender&amp; Checker\u2019 and these have already been downloaded over 5,00,000 times. Let\u2019s take a look at each of these apps in detail. \u00a0 1. Jio Speed Booster  Fig 1 About the app The app claims that it helps you configure your device to get the best possible network from Jio. The app\u2019s graphical user interface looks like what\u2019s shown in the below figures. &nbsp;  Fig 1 (a) &nbsp;  Fig 1 (b) &nbsp;  Fig 1 (c) Our Analysis The app asked us to accept its \u2018Terms and Conditions\u2019, but we could not find them anywhere. The app pretended to \u2018search for bands\u2019 by displaying a fake progress bar and displayed a message as shown in fig 1 (c). In the background, however, the app started loading advertisements. Verdict The Jio Speed Booster App does nothing to boost your Jio network but consumes a large amount of data to display unwanted advertisements. Status The app has been removed from Google Play Store after Quick Heal Security Labs reported it. &nbsp; 2. JEO Validity Extender&amp;Checker  Fig 2 About the app The app claims to help Jio users to check their plan\u2019s validity and extend it. The below figures show how the app looks like.  Fig 2 (a) &nbsp;  Fig 2 (b) &nbsp;  Fig 2 (c) Our Analysis After selecting \u2018JEO VALIDITY CHECK\u2019 it asked for a Jio SIM number. When we entered one, we found that the app did not really verify when the number is registered with Jio or if it belongs to a different service provider. It only validated whether it is a 10 digit number. In the next step, the app asked for details including Jio mobile number, name, email ID, city, and state. The provided details were sent to a third party website exposing them to an untrusted source. Verdict The JEO Validity Extender&amp;Checker app does not do what it says but tricks the user into revealing their personal information. Status The app has been removed from Google Play Store after Quick Heal Security Labs reported it. 3. JWO Validity Extender&amp;Checker  Fig 3 About the app The app works in the same way as JEO Validity Extender&amp;Checker does but only differs in its user interface (fig 3) Status The app has been removed from Google Play Store after Quick Heal Security Labs reported it. \u00a0 Third-party fake apps We found apps similar to the above three on third-party app stores. One of these is the The JIO Upgrade APP that claims to offer a free upgrade to Jio services. Fig 4 represents a web page where it asks the user to download the app and enjoy 25 GB of Internet per day for lifetime.  Fig 4 Our Analysis Scammers are spreading the link of this web page through WhatsApp so that they can attract a large number of users. Verdict Jio hasn\u2019t declared any such offers officially and these offers are clearly fake.  Fig 5. WhatsApp message claiming extra benefits for Jio users How do attackers benefit from these fake apps These fake apps were created to either steal user\u2019s personal information (as seen in the case of the JEO Validity Extender&amp;Checker) or serve the user with a large amount of ads (Jio Speed Booster). Both these activities generate revenue for the attacker. As verified by VirusTotal, Quick Heal Mobile Security Apps were the first&hellip;<br \/><a href=\"http:\/\/blogs.quickheal.com\/beware-fake-apps-uses-jiojeo-names\/\" target=\"bwo\" >http:\/\/blogs.quickheal.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Quick Heal Security Labs| Date: Mon, 24 Jul 2017 12:53:52 +0000<\/strong><\/p>\n<p>Jio took the Indian telecom market by storm when it made its entry with free unlimited calls and data offers. People went into a kind of frenzy for acquiring this service. And with its \u2018truly unbelievable\u2019 offers, Jio also launched an array of apps in the Google Play Store such&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"http:\/\/blogs.quickheal.com\/beware-fake-apps-uses-jiojeo-names\/\">Beware of these fake apps on Google Play Store that use \u2018Jio\/Jeo\u2019 in their names<\/a> appeared first on <a rel=\"nofollow\" href=\"http:\/\/blogs.quickheal.com\">Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10459,10378],"tags":[10462,3764,10463,32],"class_list":["post-8439","post","type-post","status-publish","format-standard","hentry","category-quickheal","category-security","tag-android","tag-malware","tag-mobile-security","tag-news"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=8439"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8439\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=8439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=8439"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=8439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}