Fake 'Flappy Bird' App Spreads Malware

"Flappy Bird," a curious little mobile game that earned its creator a reported $50,000 per day before he pulled it from app stores this past weekend, has spawned its fair share of copycats. And while imitation may be the sincerest form of flattery, some "Flappy Bird" replacements can scam you out of hundreds of dollars.

As Android phones do not limit users to apps from the Google Play store, apps in less-reputable stores are widely available — however, they often contain malware. Right now, third-party app stores in Eastern Europe and Southeast Asia are offering an app called "Flappy Bird" that is identical to the original, save for the fact that it loads premium-text-message scams on your phone.

MORE: 12 Most Maddeningly Difficult Games of All Time

The good news about this scam,discovered by researchers at Trend Micro, is that it's absolutely up front with its duplicity. As with any other Android app, the fake "Flappy Bird" provides you with a list of permissions it needs in order to run before you install it. One of the requirements for the faux "Flappy Bird" is the ability to send, receive and read short message service (SMS) messages.

The app even uses the standard Google Play warning that sending SMS messages may cost you money, and asks permission before sending out premium texts to new phone numbers. That isn't to say that every part of the scam is out in the open, though. Users can also receive text messages that incur charges, and the app hides these by default.

Even if you think hundreds of dollars is a fair price to play one of the most frustrating games ever created, you may be less thrilled that the app can also steal your personal information. The fake "Flappy Bird" shares your personal data, including phone number and Google account information, with a command-and-control server.

While there's no evidence that the compromised version of "Flappy Bird" has made its way into the official Google Play store, the game has spawned dozens of cheap knock-offs. There's a good chance that at least one "Flappy Bird" copycat with built-in malware, or at least dodgy adware, slipped past the Google Play gatekeeper.

If you're absolutely dying to play "Flappy Bird," there are still ways to acquire it, although the legality is dubious. If you can find a clean version of the Android application package file (APK) online, you can side-load it to your Android device, install it and tear your hair out because the game is so difficult and arbitrary.

Of course, installing third-party APKs is like playing Russian roulette with your phone or tablet, so be sure to scan the app with an Android security suite before committing to it. Then, flap away.

Follow Marshall Honorof @marshallhonorofand on Google+. Follow us @tomsguide, on Facebook and on Google+.

TOPICS
Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

Latest in Malware & Adware
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
PayPal logo on iPhone
Watch out! Scammers are using this PayPal setting to take over your PC
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
Latest in News
Samsung Galaxy S25 Edge back
Samsung Galaxy S25 Edge price comes into focus with latest leak
Apple iPhone 16 Plus Review.
Apple just released an emergency security update for a flaw used in an ‘extremely sophisticated attack’ — update your devices right now
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 12 (#640)
Jean Smart as Deborah Vance and Hannah Einbinder as Ava Daniels in Hacks
Max reveals 'Hacks' season 4 release date and trailer — here's when it's coming
Google Pixel 5 review
Google Pixel 10 lineup leaked in new renderings — here's what they look like
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware
  • xyzzy1
    Or maybe just live in the Apple "gated community" ecosystem and not worry about this hassle.
    Reply
  • ronhord
    I wouldn't like to be in the Apple kindergarten, but certainly I always use an anti-virus no matter what. Anyhow, you can still download Flappy Bird from some other sites, I got it from http://flappy-bird-clean-download.blogspot.co.uk/, seems clean to me.
    Reply