Over 10 Million Users Have Downloaded a Fake, Money-Grabbing 'Updates for Samsung' App: Report

Samsung has notably not authenticated the app that claims to offer firmware updates

Highlights
  • Updates for Samsung app is available on Google Play
  • The app charges money for offering firmware updates
  • It doesn’t use Google Play subscriptions

A fake app called “Updates for Samsung” that promises Android firmware updates has been spotted on Google Play. The online listing confirms that over 10 million users have already installed the bogus app, though a large number of users have alleged that it’s nothing more than an “aggressive ad delivery platform.” A Medium post by cyber-security firm CSIS Security Group has also underlined that the app lists unofficial firmware updates and importantly doesn’t use Google Play subscriptions to charge money for the update packages.

The Updates for Samsung app exploits users by redirecting them to an ad-farm that charges them money for downloading firmware updates, CSIS Security Group noted in its Medium post. Many users in their reviews on the Google Play listing mentioned that despite making payments, they weren’t able to download the firmware packages. Similar was the case with the CSIS Security Group team that wasn’t able to finish the downloads at the time of testing the app.

The app also claims to let users unlock their SIM cards for any operator by paying $19.99 (roughly Rs. 1,400). However, it handles the transaction for the SIM unlock service through an informal source — not via Google Play subscriptions.

At the time of filing this story, the Updates for Samsung app was still available for download through Google Play. Users are, however, recommended to use the formal source for downloading firmware updates — instead of relying on an unofficial source. Samsung, just like other Android OEMs, provides a native option to download software updates by going to the settings menu.