Follow

It you have a google account please help with reporting this as harmful and impersonating.

*DO NOT INSTALL* (except if you are a malware researcher 😉)

Fake F-Droid app, please report:
play.google.com/store/apps/det

@fdroidorg you can request its removal, no? the support page for flagging apps says you can request apps for removal if infringes copyrighted or trademarked property

@fdroidorg @kuketzblog

The fake app contains Google and FB ads and TrebleShot engine (to transmit/thieve data?).

f-droid.org/packages/com.genon

Developer of the fake app possibly is related to TrebleShot from f-droid, because there are hard coded links inside to Github and Telegram groups:

t.me/trebleshot
t.me/trebleshotBroadcast

@fdroidorg I thought they would ban alternate app stores by default :blobcatthink:

@isi Yes, that's the policy. But a) we don;t know if that app is actually a working appstore (it probably isn't) and b) it's not as if google has a good track record with scanning apps for malware/policy violations.

@fdroidorg yep, as soon as you remove free tusky from your repo

@fdroidorg done, reported as a copyright, trademark & logo violation ; )

@fdroidorg seems like it was successfuly suspended, at least for now

@fdroidorg

Die angeforderte URL wurde auf diesem Server nicht gefunden.

;)

@fdroidorg
I took the time and tested it:
1) downloaded APK. apkcombo.com/en-rs/apk-downloa

2) then online APK sandbox analysis
hybrid-analysis.com/sample/d2b

3) At least one AV found it guilty, so check with VirusTotal
virustotal.com/gui/url/84e4f4b

And in deed it is, check community section for more info.
Anyway it is off the PlayStore now. 🙌☺😁

guys, we've nailed the fake app by reporting !

hi5 to all

@fdroidorg

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!