Did you know just like there is an abundance of rogue antispyware and malware apps (Live Security Platinum, Ukash Virus, FBI Moneypak Ransomware) for the PC, there is a growing population of rogue apps for smartphone platforms? Among the latest rogue apps for both desktop and mobile platforms, we have taken notice to one that seems to be a copy-cat of the legitimate and growing in popularity Pinterest app called Pin Photo Zoom.
Scammers have released a new rogue app of their own called Pin Photo Zoom, which is a copy-cat of the legitimate Pinterest app. Pinterest happens to be a service that is growing in its attractiveness for Internet surfers and those utilizing iPhones, iPads and Android devices. The Pin Photo Zoom app promises to be a program that allows users to zoom in on Pinterest images but upon further analysis it was found to be a fake program with malicious intentions.
In the scheme of rogue apps for mobile platforms, hackers have found themselves with a new fresh field of crops to pluck out in the form of millions of mobile devices used by those who may seek alternative sources to find and download their apps from. It is those alternative sources that the rogue Pin Photo Zoom app comes from for desktop and mobile users.
Security researchers have found the malevolent Pin Photo Zoom app on a domain hosted on an IP address that is associated with many other sites identified as being malicious. Pin Photo Zoom even has a secondary site called pinterestphotozoom(dot)com (do not visit), which is obviously part of a scheme to mimic Pinterest. The content of the pinterestphotozoom(dot)com (do not visit) site is exactly the same as widdit.com (do not visit), which claims to be a toolbar, add-on or Android application.
Delving into the Pinterest wanna-be Pin Photo Zoom app, researchers have noticed that it does not do anything that it promises. In fact, Pin Photo Zoom was found to install an application which spreads on websites that a user commonly visits. Moreover, Pin Photo Zoom may prompt its own ads before videos open on sites like YouTube. These ads could redirect users to unwanted sites harboring additional malware.
GFI Labs, another security outlet who posted a blog about the fake Pinterest app elaborated on the functions of Pin Photo Zoom, where they found it to inject ads on websites visited by users of the app wherever possible. The image blow from GFI shows where an ad was injected by Pin Photo Zoom on NewEgg and YouTube sites.
Potentially malicious ads injected into visited websites – source: GFI Labs
Potentially malicious ads injected into visited YouTube site – source: GFI Labs
We are known for being among the first to report on newly discovered rogue antispyware applications for the PC. However, this is one of the rare times that we report about a specific rogue app for virtually all platforms, including iPhone, iPad and Android, which could be an indicator of things to come down the hacker pipeline. We strongly urge that the Pin Photo Zoom app be avoided. It is possible that this app is offered on questionable sites who are known for distributing malicious apps.