Fake versions of popular Android games left more than a thousand UK consumers out of pocket to the tune of £27,850, according to premium rate service regulator PhonepayPlus.

The counterfeits of Angry Birds, Assassin’s Creed, Cut the Rope and other well-known titles downloaded by 1,391 UK consumers contained Trojans, which sent three premium rate SMS messages from the user’s device each time the app was opened.

After receiving complaints, PhonepayPlus suspended the shortcodes that enabled the apps to make the charges, meaning the money never reached the fraudsters. The regulator has now instructed the provider of the codes, A1 Agregator Limited, to refund all affected users and fined the company £50,000.

The SMS messages each cost £5, meaning users were charged a total of £15 whenever they opened the app. The malware also suppressed both the sent messages and those notifying users they had been charged, meaning consumers weren’t aware of a problem until their bill arrived.

The fake games were downloaded a total of 14,000 times in 18 countries.

Some users attempted to open the fake apps several times before realising they weren’t genuine, meaning the largest sum charged was £80. Despite the number of people affected, PhonepayPlus received only 34 complaints.

In April security software company Sophos warned that malware writers were exploiting the Angry Birds Space and Instagram brands by publishing fake malware-infected versions via unofficial Android stores.
 
Senior security researcher at Kaspersky Lab, David Emm, said that the fake apps highlight the growing threat of mobile malware, especially on Android 65 percent of all mobile threats are aimed at the OS. “The platform is popular, it’s easy to write apps for it and it’s easy to distribute them via Google Play – so it’s little wonder that cybercriminals are making use of Google Play, where malware masquerades as a legitimate app,” Emm said.

Senior security research manager at IT security firm Websense, Carl Leonard, added that mobile apps are a “powerful malware delivery technique” as most users allow them to do whatever they say they need to do in order to function properly. He added that cybercriminals are now using malicious apps to steal data, something that could be of particular concern to businesses allowing staff to use their personal devices for work tasks.