Fake BlackBerry BBM apps *still* in Google Play Store, one month after failed official release

Filed Under: Android, Featured, Google

Update. No sooner was this story written and published than the real BlackBerry Messenger for Android app was released. If you intend to download it, we suggest you start off on BlackBerry's own website (blackberry.com) to help ensure you end up in the right place on the Play Store [2013-10-21T23:06Z].

It's now one month since BlackBerry's ill-fated non-release of its BlackBerry Messenger (BBM) app for Android and iOS.

The beleaguered mobile phone maker was all set to launch BBM on the Android and iOS platforms last month, before pulling the product at the last minute.

In fact, the app did reach Android users, but only briefly, and not with BlackBerry's blessing.

Ironically, even though BlackBerry enthused about "1.1 million active users in the first eight hours, without even launching the official Android app," it was also forced to admit the the unofficial release "caused issues" - issues so severe that the product still wasn't out when this article was written.

(BBM for Android and iOS finally appeared officially the same day this article went live.)

But the app, or numerous shabby imitations of it, are still popping up in the Play Store a full month later.

It's not surprising to see cybercrooks trying to take advantage of heavily-anticipated product releases, but in this case the official product remains very publicly unreleased, which you might hope would make Google quadruply suspicious of imposter apps.

The situation is calmer now than when I checked last week, when there were dozens of apps looking just like #4 above.

But even a few bogus apps are too many, given that all of the ones I've looked at with green logos seem to have identical imagery and the same drivellous description, starting like this:

Blackberry Messenger Full Edition!!!

For All Android Devices and also it is FREE!!!

And this descirption is 100% BELEIVABLE, IS'NT IT?!?!?!?

It doesn't say the last line, of course - I made that up - but it might as well.

Worse still, the descriptions generally end with keyword stuffing - padding the text with unrelated search terms in order to get search engines to recommend the false app under doubly false pretences.

Those keywords probably won't do much to deter the average vistor, despite their peculiarity (they're down at the bottom), but you'd have thought they'd trigger alarm bells at Google when it vetted the app, given that they include bogosities such as these:

Sadly, we've written about fake apps in the Play Store before, with similar surprise at how on earth the imposters could have got there at all.

For example, we've had fake Apple apps, which I'm sure you might have expected Google to spot proactively, given that Apple has something in the way of a rival mobile ecosystem, and doesn't actually produce Android apps at all.

Same thing all over again with Nintendo, which doesn't publish its games on Android, yet was the victim of bogus apps that surely should have been obvious.

And we've had companies that do produce Android apps targeted by imposters with apps that don't even try to look like or behave like the original.

Of course, I'm not implying that it would be less dodgy if the crooks showed enough respect to rip off their victims more faithfully.

But it does make we wonder what Google is looking out for - I get a mental cartoon image of a bearded burglar, clad in prison garb and carrying a giant bag labelled "SWAG," meeting Google as a policeman with a speech bubble saying, "Now then, ma'am, have you seen any suspicious looking characters round 'ere?"

The Play Store isn't supposed to be perfect - it's meant to embrace big and small developers alike, and to bring lots of choice of free and paid apps.

But it is the official place to get apps, and if you want to install apps from anywhere else, Android makes it clear that "there be dragons":

Judging by the dialog telling you that you have to take sole responsibility if you shop outside the Play Store, it certainly sounds as though Google officially claims at least some responsibility for what is inside it.

So it is a disappointment to see the Play Store apparently so easily abused like this, and Google really needs to clean up its patch.

Just about two years ago, Google's Open Source Programs Manager, Chris DiBona, came out with am extraordinary claim.

He said that "if you work for a company selling virus protection for Android, RIM or iOS you should be ashamed of yourself."

DiBona seemed to think that protecting what got into Play Store in the first place that was the right way to attack the problem:

All the major vendors have app markets, and all the major vendors have apps that do bad things, are discovered, and are dropped from the markets.

But when screensful of fake BlackBerry apps can flood the Play Store at the same time, and apps from mobile market rival Apple can appear without any apparent sense of irony, Google obviously still has plenty of work to do.

(The silver lining, I suppose, is that I guess I no longer need to feel ashamed at working for a company that makes an Android Anti-Virus.)

, , , ,

You might like

7 Responses to Fake BlackBerry BBM apps *still* in Google Play Store, one month after failed official release

  1. J Doe · 315 days ago

    Google is playing dirty. Will begin to Yahoo more, and not use or buy Google products from now on!

  2. The C Man · 315 days ago

    Doesn't it make you wonder if Google is deliberately allowing the fakes to deliberately block BBM?

  3. Ian Thomson · 315 days ago

    What happened to them releasing it on the 27th of june?

  4. Joe · 315 days ago

    This article was published minutes after the official BBM hit the play store. Maybe write a follow up that not every BBM app in the play store is fake?

    • Paul Ducklin · 314 days ago

      Indeed - what timing! Thanks for pointing this out. I added a note to the article lest anyone be confused.

      There is at least one non-fake BBM now :-)

  5. Niall · 314 days ago

    One other issue of concern here is that at the moment some fake apps are currently in the App Store with convincing icons and names and top ratings (4 star) from their 200+ 'reviews'. Despite thirty odd 1 star ratings which say things like 'fake' and 'doesn't work', thre are many many more that praise the app.

    Albeit a small part of checking out an app, quickly check out the reviews, which in these cases don't seem to have much value. Fortunately in this case due to the apps' own write ups, claims and other factors they are cleary not 'real', however had the developers been a bit more careful then they could have looked a lot more credible and the bad reviews swamped by the praise may not alert the casual user.

    • Paul Ducklin · 314 days ago

      What Niall said. Good advice...and don't rely on the app doing itself a disservice by overdoing the exclamation points and keyword stuffing. As you say, the crooks could be(and sometimes are) much more circumspect...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog