The original Flappy Bird may be gone (its creator pulled the game from app stores last weekend), but clones of the simple-yet-frustratingly difficult game live on—some of them, unfortunately, as malicious variants that will attack Android phones.
According to Andras Mendik, researcher at the security firm SophosLabs, “off-market” versions of the Flappy Bird app that look identical to the original but are infected with malware are already in circulation on “alternative” Android markets—i.e., ones other than the Google Play Store.
One particular variant of the Flappy Bird game looks like the real McCoy: Its name and 8-bit icon are identical to the original. But unlike the original game by developer Dong Nguyen, which only asks for network access to play, the malicious clone asks for a lot more access to your phone. It wants permission to “modify or delete the contents of your SD card,” to receive, read and send text messages, to draw over other apps, add web bookmarks, install shortcuts, and more.
This is where it gets problematic: If you agree to all these permissions, the Flappy Bird imposter will boot up like the normal game, but after a certain period of time, it will say its “Trial version has expired,” and ask you to send a premium-rate SMS to reactivate the game.
Many users will remember Nguyen’s game was free, albeit ad-supported. But here, even if you opt not to send an SMS and attempt to cancel or exit the game, the fake Flappy Bird won’t let you. The app screen will go away, but the software will continue running in the background.
On its company blog, Sophos recommends users “be wary of apps from alternative markets” and use antivirus security programs, like Sophos’ own free offering. As with any app, it’s important to be aware of what permissions you’re giving the software before you install it onto your system and risk losing valuable data. And as for Flappy Bird, unless you were “lucky” enough to download the real game while it was available, it’s too risky to take a chance on one of these convincing-looking clones.
Images by Madeleine Weiss and Dave Smith for ReadWrite