Cybercrooks have been quick to latch onto the hype about Flappy Bird's demise by laying a variety of malware-based traps.
Counterfeit Flappy Bird Android apps packing malware have been spotted all over the web, with sightings by both Trend Micro and Sophos, among others.
Trend warns that counterfeit copies of the mobile game send text messages to premium rate numbers, thereby ringing up unwanted charges to victims’ bills. Counterfeit versions of Flappy Bird are "especially rampant in app markets in Russia and Vietnam," Trend Micro warns.
More malware can be expected to follow.
And that's not the only risk of note. Supposed Flappy Bird downloads actually seek to entrap potential marks within survey scams, Malwarebytes warns.
Survey scams encourage users to disclose certain information by pretending to be consumer surveys. In reality, no matter how many questions a victim answers they never get any goodies. The end result is that scammers profit from affiliate revenues from unscrupulous marketing firms while victims are left at a higher risk of fraud.
"Poor old Flappy. Trojaned apps, survey scams.... he should have just stayed a big puddle of bird goo on the floor," joked Chris Boyd, malware intelligence analyst at Malwarebytes.
Flappy Bird was taken out of IOS and Google App Stores earlier this week.
As well as opportunists selling smartphones loaded with the app for stupid prices on tat bazaar eBay, there are also un-tampered clean .APKs available for those that know how to search for them online, as El Reg previously reported.
Vietnamese developer Dong Nguyen has been crystal clear he doesn't want the game distributed anymore so even these untampered apps are no longer kosher.
And even if that doesn't bother you there's still the malware risk. If you must (really) then at least do yourself a favour by checking that your copy of Flappy Bird for Android won't give you the pox. Check the APK SHA1 hashes for the untampered mobile game against anything you download, recommends a blog post by Finnish security software firm F-Secure here. ®