Over 10 million owners of a Samsung device have downloaded from the Google Play Store and installed an app that promises to offer the most recent updates to the Android operating system for the South Korean manufacturer’s device revealing itself to be an advertising conglomerate and a risk for the security of personal data. Called “Updates for Samsung – Android Update Versions”, the app was reported in a CSIS Security Group report (via The Next Web).
Despite the report, the app is still available in the Play Store. The description of the app reads: “Download any operating system update for any Samsung device ever released, read the latest Android technology news and access the latest firmware updates, Android version updates, tips, tricks, guides and practical exercises for check if it is possible to update or update the device to a new version of the Android operating system”.
Apart from the fact that the description can mislead mobile users, there is also the name of the developer who uploaded the app on the store as “Updato“, which has no other applications uploaded on Google’s digital store. Samsung’s official applications, on the other hand, are uploaded by “Samsung Electronics Co., Ltd.“.
The CSIS report noted that, in addition to showing ads, the app offers an annual subscription ($ 34.99) promising the ability to download firmware for Samsung devices, with payment not via Google Play but by credit card. There is also a free plan to download the firmware at a very low speed but, from what has been learned, in this case the downloads never complete, certainly to encourage people to pay.
You need to pay more attention when downloading applications from the Play Store: first of all, check the name of the app uploader, then also check user reviews, if available. And never leave your credit card details in the apps you are not sure of, it is usually Google Pay that securely manages transitions.