Posted on

Download Free Temple Run 2 For Android… NOT

Since I have promised in my Temple Run 2 Download for iPad post that I will give updates whenever I already have Free Temple Run 2 For Android download links, I am constantly looking out for that Temple Run 2 for Android in Google Play Store.

Around 11:35 PM (GMT+8) of January 19, I found these apps in Google Play Store

Temple-Run-2-Android-Screenshot-01

Wow! got 2 hits for Temple Run 2 HD and they are using the new Temple Run 2 logo, really they have it in Android and its in HD (another wow!) am I lucky that day?

Looking closely at the first app I discovered something fishy.

Temple-Run-2-Android-Screenshot-02

Because original developers of the Temple Run is Imangi Studios and _NOT_ IMANGHI (take note of the H). 5900+ ratings. I looked further at the description of the app and its the same cut and paste description text found in the iTunes:

Description
The sequel to the smash hit phenomenon that took the world by storm!

With over 170 million downloads, Temple Run redefined mobile gaming. Now get more of the exhilarating running, jumping, turning and sliding you love in Temple Run 2!

Looking at the second suspicious Temple Run 2 HD for Android app

Temple-Run-2-Android-Screenshot-03
the descriptionIS the same text description found in iTunes. Lazy Ctrl+C – Ctrl+V

Researching further, I looked at the reviews and this KSGBLUEAPPS version already have 122 5-stars. Wow!
Reading the full description of the apps and some of the user reviews I confirmed my suspicions: users are already complaining that these apps are just a puzzle/wallpaper apps, they are _NOT_ the legit Temple Run 2 app and they come with a big twist, with lots of Ads/Advertisement links (and by the sound of the 1-star reviewers comment, loads of Ad/Advertisement-related links for your mobile phone). This is very PREDICTABLE if you will ask me, as Ad/Adverts will bring in cash (kaching-kaching) and that is where the money is 🙂

What I find really amazing is “they” ARE FAST. In less than 2 days after the legit version Temple Run 2 for iOS was released, suspicious Temple Run 2 Android apps already made it in the Google Play Store.

So I did NOT download it and I forgot about it already (Either I’m getting old or I’m a very busy guy yah know :p)

Fast forward to January 22 around 4PM (GMT+8), a teammate send me an email asking about some malicious Android app related to Temple Run 2. So I checked their concern and remembered my weekend ad-friendly apps. I also searched for them, yup the previous Temple Run 2 HD for Android apps by Imanghi and KSGBlueApps from Google Play. Alas! both apps are already _NOT_ available via Google Play. I have several (conspiracy) theories on why they were removed but I will keep them to myself. What is important now is that Trend Micro already detects the said apps as ANDROIDOS_FAKETEMPLRUN.A, a Malware Blog post is already publicly available:

Fake Versions of Temple Run 2 Sprint Their Way to Users via Trend Micro Security Intelligence Blog.

and the said malicious apps are already kicked out in Google Play Store 🙂

Some questions remain:

  • Are the apps (I screen captured) exact copies of those apps that my teammates analyzed for the Malware Blog post: Maybe. If we will base it from company name, description and related strings, most probably its the same.
  • Am I sure about this? Not 100%. Sorry I do not have the exact APK file to compare it byte per byte to come up with a conclusion.
  • Why did Google removed them from Google Play? I don’t know. You better ask them not me :p
  • Do you see where these questions are leading you? (hehe conspiracy theorist = menard)

Lesson learned. Back to basic security tip: Be cautious of what you search, download and install to your mobile phone (this also applies to desktop/PCs). Be careful also with other unofficial Android Markets and websites offering free apps.

Better be safe than sorry OK?

AI: Do a blog post as an awareness campaign. Check!

Again be careful: malicious Temple Run 2 Android apps are out there in the wild.

Lastly some disclosure:
I work at Trend Micro. The views expressed in this blog post are mine and mine alone and do not necessarily represent my employer’s positions, strategies or opinions.
To know more about me (work and other stuff), kindly visit my about page.
To know more about my blogs full disclosure policy, kindly visit my disclosure page.

ScreenCapture Credits: Me and Gorehowldroid

Update: 2013.01.26

Legit Temple Run 2 For Android available now via Google Play Store:

https://play.google.com/store/apps/details?id=com.imangi.templerun2

Posted on

Malware Blog – World of Warcraft Scams: Mist of Pandaria, Free Mounts and Phishing Galore

I’m always excited when I encounter some #security meets #gaming issue.  So I’m eagerly re-posting my blog article published in the TrendLabs Malware Blog entitled World of Warcraft Scams: Mist of Pandaria, Free Mounts and Phishing Galore.

World of Warcraft: Mists of Pandaria is the fourth expansion for the massively multiplayer online role-playing game (MMORPG) World of Warcraft. It was first unveiled to the public last October 2011 during the BlizzCon 2011 conference in Anaheim, California.

TrendLabs researchers started seeing increased phishing activity inside World of Warcraft after Blizzard started the closed beta testing for Mists of Pandaria last March 2012.

In these new rounds of phishing attempts, scammers are trying to abuse the WoW’s in-game mail system. In this phishing attempt, the malicious URLs are sent via in-game mail and are received by players in their in-game mailboxes.

 

 

In this phishing try, the scammer entices would-be victims to join the Mist of Pandaria beta testing and win an exclusive in-game item, the Dragon Turtle Mount, by visiting and registering in their website. The Dragon Turtle Mount was previously announced by Blizzard as the racial mount for the Pandarens, the new additional playable character race available in the Mist of Pandaria expansion.

 

 

The phishing URL in the in-game email goes to a phishing website that closely resembles the actual Battle.net website. The phishing URL tried to add some credibility by adding the string Mist of Pandaria abbreviation (MOP) to the domain name.

 

 

If unsuspecting users input their Battle.net credentials it will definitely result to Battle.net account theft. Battle.net is the central account management for all Blizzard games like World of Warcraft, Starcraft 2, and Diablo III.

In contrast to what we discussed in our previous World of Warcraft post, we observed that recent scamming attempts seem to be targeted at low level characters and not high level or level-capped (Level 85) ones. This may be part of the scam detection avoidance strategy of the bad guys, as high level characters may have more awareness to this security issue as they have spent more time in the game.

We analyzed the malicious domain further and found some great discovery: The same server also hosts other phishing sites targeting World of Warcraft players:

  • http://{BLOCKED}p.us-support.net
  • http://{BLOCKED}p.wow-support.net
  • http://for{BLOCKED}t-eu-wow-account-blizzard.com
  • http://for{BLOCKED}t-wow-us-account-blizzard.com
  • http://{BLOCKED}a-pandaria.net

The newly discovered malicious websites are using Mist of PandariaWorld of Warcraft, and their corresponding abbreviations in their URLs.

Trend Micro users need not worry about these threats, as they are protected from these World of Warcraft phishing attacks via the Trend Micro™ Smart Protection Network™, which blocks access to the phishing websites.

It is interesting to note that some of the phishing websites were registered just days after Blizzard announced that Mist of Pandaria will be the next World of Warcraft expansion. This clearly shows that the bad guys are up to date and are always in the lookout for events and opportunities to expand their nefarious schemes.

Blizzard on their part have stepped up their security measures. They have published a dedicated security page to help users understand their security commitment; raise awareness on different types of account thefts, highlight a gamer’s security checklist, and a step by step guide on what to do when users suspect that their account is being compromised.

Blizzard also promoted their authenticator (available as an app for iOS and Android devices, and as a keychain fob) by giving away an exclusive World of Warcraft Corehound pet to users availing the authentication services.

We also advice our readers, casual and hardcore gamers alike to view our latest Security and Gaming e-Guide to get helpful tips to help secure their online game experience.

Thanks to Paul Pajares for additional technical details.

Image credits: blog.trendmicro.com

Original post from: TrendLabs | Malware Blog – by Trend Micro

My special thanks to Paul, JM, Tin, Gelo and Badette for their help in the article. You guys and gals rock!!!

I will give my personal insights on this article (World of Warcraft, Mist of Pandaria, Phishing and Security) here in menardconnect.com soon. Watch out for it OK?

Kindly view my other World o Warcraft posts here

To all online gamers out there, be safe online OK?

 

Posted on

TrendLabs PH Blogger Tour Part 2 Post


I mentioned several weeks ago that I joined the TrendLabs PH Blogger Tour and I welcomed some Pinoy Tech Bloggers to our Labs.

I got hold of some of the blogger’s articles and links about the TrendLabs Tour and as a sign of my appreciation I am giving out some link-love here at menardconnect.com

  • Inside an Anti-Virus Lab by Ron Villegas
  • Trend Micro gives a peek at global lab in PH by Glen Fontanilla
  • Trend Micro Labs Philippines Facilities Antivirus Tour by Jayson Biadog
  • A brief tour inside Trend Micro’s TrendLabs by Andrei Lim
  • XSTIG: Trend Micro TrendLabs Tour by by Florencio Jusay Jr
  • TREND MICRO TRENDLABS TOUR by Wilmar Duldulao

Will update this post when I have the other posts/links of  the other attendees

Again, thank you guys and hope to see you again soon…

Posted on

TrendLabs PH Bloggers Tour

Last week I participated in our company event for PH Tech Bloggers. I presented to Pinoy Tech Bloggers our company (Trend Micro) and what do we TrendLabs dudes and dudettes do for a living 🙂

Image Credit: TrendLabs/Trend Micro

My presentation is entitled “TrendLabs Tour, 1,000,000,000 threats daily, 1,000 Threat Response Specialists fighting the good fight” and I hope (and pray) that I presented it well.

Some personal insights: It’s a refreshing experience because I have not joined an end-to-end walking tour for a long long time!!!

I’m excited too (and honestly, I’m kabado rin) as this group IS Pinoy tech bloggers, and you know how I love to connect to my fellow pinoy bloggers (now you know why this blog is called menardCONNECT.com). even if this blog is not pure tech blog 😀

To the pinoy tech bloggers who attended the event: Thank you! It was really a pleasure meeting you all. I’ll be visiting your blog sites soon, and will connect to you via sns, twitter and/or google+ maybe. I’m really poor at matching names and faces and blogsites, but I know we will meet again in blogging events (IRL and online), and when that time comes just remind me that we met in the TrendLabs Tour and I will remember you!!!

Special greets to Miray, Macky and the rest of my team mates for a job well done. Sorry I cannot mention you all here (as I haven’t got your explicit permission yet, but I can and will edit this post  after getting your blessings).

Looking forward for the next TrendLabs blogger and social media event 🙂 **Wooot!**

Update 2012.o7.17

I created a new post with the links from pinoy tech blogger attendees. Kindly view TrendLabs PH Bloggers Tour Part 2 Post

Lastly some disclosure:
I work at Trend Micro. This blog post is NOT a paid post by Trend Micro. The information contained in this post is my personal insights on the Trend Micro/TrendLabs activity.

To know more on what I do at work, kindly visit my about page.
To know more about my blog’s full disclosure policy, kindly visit my disclosure page.

Posted on

Power User Group Shoutout: Free AV, Free Trend Micro Titanium Maximum Security 2012


I am avid supporter of our Power User Group. I believe I posted at menardconnect.com some of their activities on 2010 and 2011.

For 2012, they have revamped the rewards system, but I believe they will still be giving away some Free AV, Free Trend Micro Titanium Maximum Security product and other cool prizes too. But I am not after the rewards you know; this post is a testament of my all out support to the team 🙂

Quoting the Power User Group site, here are the benefits of being part of Trend Micro Power User Group this year:

  • Free license to the latest Trend Micro Home Use product after getting the following scores
    • at least 30 points – Free SN for Titanium Maximum Security 2012
    • at least 60 points – additional Free SN for Titanium Antivirus+ 2012
    • at least 90 points – additional Free SN for Titanium Maximum Security 2012
  • Be one of the first to test any latest Trend Micro Technology for Consumer-based products and tools.
  • Have a say on how we develop our products and services.
  • Win more Exciting Prizes! Top PUG 2012 Program contributors for the year will receive additional incentives.

So I encourage my readers to join the Trend Micro Power User Group. Kindly visit the Trend Micro Power User Group page:

https://www.trendbeta.com/pages/product_info/view/741

Read the agreement and check the checkbox.
Click on the Feedback.
And Register (if you are a new member) or login (if you already have a previous account).

Hurry! Because this offer may end soon!

Lastly some disclosure:
I work at Trend Micro. This blog post is NOT a paid post by Trend Micro. The information contained in this post was taken from Trend Micro (with permission from respective teams in Trend Micro).

To know more on what I do full-time kindly visit my about page.

To read my blog’s full disclosure policy, kindly visit my disclosure page.

Will post more updates about Power User Group and Titanium Maximum Security availability when its available.

If you find this post useful, kindly add me up in Twitter and Google+. You can also like my Facebook Page too 🙂

Posted on

My Post in Malware Blog: How Big will the Android Malware Threat Be in 2012?


Happy New Year to all!!!

I have many post ideas for the blog and I cannot decide which one to post first. But I guess I’ll settle with the post (or actually a repost) that is related to one of my favorite topics here at menardconnect.com and at work and that is Android and malware.

So to start the year 2012, I am re-sharing my article published on TrendLabs Malware Blog  last January 5, 2012.

How Big will the Android Malware Threat Be in 2012?
by Menard Osena (Solutions Product Manager)

In August 2011, we released our Snapshot of Android Threats, which stated that there was a significant increase in the number of Trojanized Android apps and actual malware targeting the Android platform.

In our 12 Security Predictions For 2012, we mentioned that smartphone and tablet platforms, especially Android, will suffer from more cybercriminal attacks.

In our continuous monitoring of this threat, we soon noticed that the problem was growing at an alarming rate. From a mere handful of malicious apps at the start of the year, it skyrocketed to more than a thousand malicious Android apps by the middle of December 2011. The average month-on-month growth rate for the second half of 2011 was more than 60%.

If this growth rate is sustained this year, then 2012 will definitely be an “exciting” year for Android. Why is this so? If current trends hold, we may be able to see more than 120,000 malicious Android apps by December.

There are several factors that are causing this explosive growth:

  • The increasing popularity of Android, as highlighted both by the number of total downloaded apps (more than 10 billion via the official Android Market) and the number of users and activations, as stated by Gartner and Google Senior Vice President of Mobile Andy Rubin.
  • The openness of the Android app distribution model. Unlike other mobile OSes, users are free to install applications without passing through any filtering process. This lowers the barriers to installing malicious apps considerably.
  • The cybercriminal mindset: Bad guys attack where the money is.

2011 already saw a wide variety of threats emerge for Android, as we discussed in our year in review. Android malware is definitely here to stay for 2012.

Original Post: TrendLabs Malware Blog: How Big will the Android Malware Threat Be in 2012?

Image Credit: blog.trendmicro.com
Note: With minor edits on the tags/image locations/bold fonts/etc.

Just like my previous Malware Blog article reposts, I will do my best to give additional personal insights here in Menardconnect.com soon.

For now just the repost and some shoutout and appreciation to my teammates who helped (in one way or another) me in the completion of the post.

Special thanks to Jonathan, Christian, Macky, Gelo, Dani, and Eric for their help in the article. You guys and gals really rock!!!

Posted on

On Droids and Threats


TrendLabs published some cool infographic about Android and threats. And since I mentioned in my previous post that I’d do my best to write more about Android here at menardconnect.com I am featuring that infographic here.

To commemorate the first year of the discovery of the first Android trojan, TrendLabs released a blog post on A Snapshot of Android Threats. Some great highlights includes the following:

  • 1410% increase on the number of malware samples discovered by the team from January 2011 to July 2011
  • 51.9 Million Android OS-based devices in use now
  • 33% of Facebook users access the Facebook site via their mobile devices

and a lot more.

My favorite part of the infographic is about the six :). What six? In the tradition of my free six cafe world cheats, my six new Philippine money, my six free wow mounts, my six tagalog love quotes and my free six video posts, I am listing the six types of Android malware according to TrendLabs:

  1. Data Stealer
  2. Premium Service Abuser
  3. Click Fraudster
  4. Malicious Downloader
  5. Spying Tools
  6. Rooter


Image Credit: blog.trendmicro.com

To know more about the Android threats and the infographic kindly visit Batangastoday.com and Trend Micro Malware Blog.

Before I end this post, some disclosure:

I work at Trend Micro. The post I have here in menardconnect.com are my own personal views and does not reflect the views and stand of my employer.

To know more about me, kindly visit my about page. To know about this blog’s disclosure policy kindly visit my disclosure page.

Hope you like my Android blog post 🙂

Posted on

On TrendLabs, Security and Social Media


I did some internal presentation for TrendLabs folks this afternoon on security and social media stuff. I cannot share details yet as not all sessions are done (still got 3 2 to go), but to give you a hint it’s related to my previous post here and in Malware Blog.

At the end of the presentation I mentioned that I also blog here at Menardconnect.com and since some of them might check the internet for this site, hence this post.

Yup TrendLabs dudes and dudettes, welcome to my blog. It’s not ALL tech, antivirus and security blog posts here, as I also blog about games, food and other random *woot* things. Kindly read my about page if you are still in doubt (if this is my blog) 🙂

Thank you to those who attended the first session and second sessions. I have to admit I still got some preso jitters (for the first session). Not sure if I’m just nervous or excited or maybe both 🙂

I plan update this post after each session, and will do another follow up post after all the sessions are done.

To my other readers (especially non-Trenders) sorry but the presentation is for internal TrendLabs folks for now.

Presentation for external? I’m not making any promises (my idea here is like the song lyrics “…I’m not making plans for tomorrow, For tomorrow never comes“).

But who knows?

Image Credit: about-threats.trendmicro.com

Update 2011.05.04
2nd session done. This session was more relaxed 🙂 maybe there is no additional “external” pressure 🙂 Thanks guys n gals for attending.

Posted on

Vote for TrendLabs Malware Blog in SC Magazine’s Best Corporate Security Blog

I just recently learned that our TrendLabs Malware Blog was nominated in SC Magazine’s Annual Social Media Awards.

I love the TrendLabs Malware Blog and I post some articles there every now and then. This post is a shout out to my friends and readers to help me and the TrendLabs Team make our Malware Blog the top blog.

Kindly vote for TrendLabs Malware Blog for SC Magazine’s Annual Social Media Awards in Best Corporate Security Blog category.

Here’s how:
1. Kindly go to SC Magazine US Site
2. Look for the Second Annual SC Social Media Awards Voting Poll
3. Choose TrendLabs Malware Blog (Trend Micro) from the list in “best corporate security blog”

4. Click Vote

Feel free to vote for your other favorite security bloggers and security tweeps in the next 2 polls.

Voting will end on Friday Feb 11th 8PM (EST) that’s Saturday, Feb 12th 9AM (GMT+8).

Thank you in advance!!!

Good luck to TrendLabs Malware Blog!!!

Posted on

Trend Micro Titanium, Sodexho Pass and Special Gift Packs Awaits


Do you want some free Trend Micro Titanium Maximum Security antivirus software?

How about if we add some Sodexho Pass worth P500?

Ok let’s increase the wager and add some Trend Micro Gift Pack (includes Trend Micro Shirt, Trend Micro 2011 Calendar and other TM freebies)?

If your answer is a big YES to all, then you are lucky. Read the details below:

Trend Micro will be having Power User Group event this coming weekend (February 12 and 13, 2011). My teammates are looking for laptop users who are willing to be part of Trend Micro’s standard product development process. In this event, my teammates will ask you to install Trend Micro Titanium 3.1 antivirus software in your laptop (minimum requirement is Windows 7 OS installed) and answer a set of questionnaire. My teammates will also be present at the event venue to support and assist you if you will have problems related to the product (installation n stuff).(note: I’d love to join you guys n gals in this event, but i’m not free that day. I’ll post my reason here soon I’m out for the RSA 2011 conference)

Below are the event details of the Trend Micro Titanium Intensive Beta Testing

WHERE:
TrendLabs Philippines
9th Floor | Tower 2, The Rockwell Business Center Ortigas Avenue, Pasig City (Beside The Medical City).

WHEN:
Session 1
February 12, 2011
Saturday, 1:00 P.M. to 5:00 P.M.

Session 2
February 13, 2011
Sunday, 1:00 P.M. to 5:00 P.M.

Note: Snacks will be served during the event

To qualify for the program, users must bring in their personal laptops running Windows 7 and IE 9.0 on the event day and install Trend Micro Titanium Maximum Security 3.1.
If you meet the minimum requirements, just follow the steps below to join.

  1. Subscribe to my RSS Feed OR my email Feed
  2. Fill Up the Zoomerang Survey or click the click here image below
  3. Kindly put my name, Menard Osena or Menardconnect.com to the field = “Who referred you to this testing”
  4. After signing up, you will receive a confirmation email from the Trend Micro Beta Team if you are qualified to participate.

Reminders: The slots are limited, so hurry, grab this opportunity and join now!

Registration closes on February 10, 2011, 12 noon.

Feel free to forward this blog post to your friends, family members or relatives to share this opportunity with them. If you have Facebook/Twitter/Plurk/etc, feel free to share/tweet/plurk this blog post too so that others can know about it.


Lastly, some disclaimer:
I’m an employee of Trend Micro. This blog post is _NOT_ a paid post by Trend Micro. The information contained in this blog post is taken from Trend Micro Beta Team (with permission to repost in my blog). To know more on what I do full-time kindly visit my about page. To read this blog’s disclosure policy in detail, kindly visit my disclosure page.

Image Credits: Trend Micro Beta Team