Kaspersky has identified a fake application that is designed to trick users into thinking it is a certified version of FaceApp but goes on to infect victims’ devices with an adware module called MobiDash.
Once the application is downloaded from unofficial sources and installed, it simulates a failure and is subsequently removed. After that, a malicious module in the application rests discreetly on the user’s device, displaying adverts.
According to Kaspersky data, around 500 unique users have encountered the problem in the last two days, with the first detections appearing on July 7th. There were almost 800 different module modifications identified.
“The people behind MobiDash often hide their adware module under the guise of popular applications and services. This means that the activities of the fake version of FaceApp could intensify, especially if we are talking about hundreds of targets in just a few days. We urge users not to download applications from unofficial sources and to install security solutions on their devices to avoid any damage,” notes Igor Golovin, security researcher at Kaspersky.
Kaspersky products detect and block the threat as not-a-virus:HEUR:AdWare.AndroidOS.Mobidash.