Thousands of people downloaded a popular 3D browser-based game from the Chrome Web Store. That game, described as a "fast-paced, action-packed free-running castle adventure game," advertised "High Speed Acrobatics," "Awesome Outfits and Skills," and "Insanely Dangerous Worlds."
The danger, it turned out, was to consumers’ privacy. A company called Vulcun had purchased the game and replaced it with a completely different program, called Weekly Android Apps, without adequately informing users. And Weekly Android Apps had performed some high-speed acrobatics of its own, installing apps on users’ mobile devices—again without adequately informing consumers—and bypassing the security controls set up by the Google Play Store in the process. The FTC took action against Vulcun and today announced an agreement that imposes strict disclosure requirements on Vulcun's future contact with consumers.
Look Out for Unexpected Behavior
Users of Weekly Android Apps reported unusual behavior on their computers and mobile devices. Some users complained of desktop browsers being redirected or windows opening unexpectedly. Other users reported that apps they never downloaded—and did not want—had appeared on their mobile devices, sometimes more than once.
If you notice strange behavior on your desktop or mobile device, consider updating your security software or running a system scan. This video has in-depth tips on how to protect yourself from malware.
Review App-Store Permissions Information
Thousands of powerful apps are available through smartphone app stores. Some of those apps might ask for permission to access information on your device, like contacts, photos, the device’s location, or even your financial or health information. The app or app store also will disclose what information is available to the app. Carefully read that disclosure and consider whether the app needs access to the information requested. If it doesn’t, you might want to pick another app. Check out Understanding Mobile Apps for more information.