Over 60 Fake ‘Among Us’ Apps Discovered; Some Used As Malware Droppers

Security researchers have discovered many real-life impostors masquerading as InnerSloth's popular game, “Among Us.” These fake apps have been designed for various uses, including dropping malware into the devices they were downloaded and installed into.

Promon, a Norwegian company specializing in in-app protection, together with Wultra, has discovered more than 60 fake apps disguised as the popular multiplayer deduction game, “Among Us,” TechRadar reported. The apps, the security company said, were created by cybercriminals who are “exploiting the popularity of the multiplayer game to distribute malware.”

According to the investigation, all of the fake apps are coded to use the real app’s package name, meaning users will not be able to spot the difference unless they know how. The fake apps look like the real deal but are actually malicious apps designed for other purposes.

Per the investigators, the fake apps use the name “com.innersloth.spacemafia” – the real package name “Among Us” uses on Android. The impostors were distributed from at least nine authors and can be downloaded from unofficial sources, which include websites and third-party app stores.

The investigation revealed that more than 75% of the impostors install malware into the victims’ devices. They have been “repackaged” to incorporate malicious code, which then turns the game into adware, causing ads to appear on the screen. The ads can be very intrusive, appearing over the user interface.

The investigators also found that some of these fake apps were turned into malware droppers. They can be used to infect devices with serious malware, such as banker malware – the kind that people with malicious intent use to steal banking credentials from unsuspecting users.

Execs from both Promon and Wultra expressed their concern over the findings and warned parents to be careful with how their children use their devices to get popular apps such as “Among Us.”

“The concern here is that this particular game is very popular amongst young people, who are generally unconcerned with mobile app security and will download not only what they think is a legitimate version of the game, but also mods, maps, skins, and resource packs, without any consideration of how dangerous the source may be,” Promon CTO Tom Lysemose Hansen said in a press release.

“We urge parents and children alike to pay extra attention to these kinds of attacks as it is becoming common practice to side-load games onto devices, especially if those games have been banned from official app stores,” he added.