Symantec Security Response – Thieves in the Temple: Android.Opfake Makes Another Run

Involve ad Watsons


Downloading mobile games? Symantec warns that there may be thieves in your “Temple Run” download. The creators of the Android.Opfake threat have struck again and with guile, no less. Symantec have recently discovered several dummy sites to disguise games such as Temple Run and  as malware. While most dummy sites are easily spotted, the Opfake team have gone to great lengths to ensure that users will fall for their schemes, having included images of devices playing the games.

[ad#Google Adsense 336×280]

Asus 336x280 ad


All of the front-end sites connect back to a central back-end site that acts as a file generator or repository. While most tech-savvy, net-savvy or internet enthusiasts would have probably identified the list below as unsafe, the following list includes some front-end sites Symantec have identified so far:

  • [http://]www.fruitninjaandroid-apk.ru
  • [http://]www.flashplayerandroid-apk.ru
  • [http://]www.cuttherope-android-apk.ru
  • [http://]www.cuttherope-experiments-apk.ru
  • [http://]www.cuttherope-apk.ru
  • [http://]www.angrybirds-android-apk.ru
  • [http://]www.jellydefense.ru
  • [http://]www.templerun-android.ru


That being said, there may be many others out there, so do be careful when downloading from unsecured sites. More details and analysis are provided in the following blog produced by Symantec’s Security Response team:


In addition, Symantec has published a new whitepaper detailing the inner workings of the Opfake malware and how on the surface the threat may appear to utilize a legitimate business model to generate revenue but a technical analysis reveals the unforeseeable risks it creates for end users. The paper can be found here:

READ ALSO  Porsche Design P'9981 Smartphone from BlackBerry Announced




  • Show Comments

Your email address will not be published. Required fields are marked *

comment *

  • name *

  • email *

  • website *

This site uses Akismet to reduce spam. Learn how your comment data is processed.