When Flappy Bird was taken down last week by its developer, Dong Nguyen, people who missed the Flappy Bird phenomenon found copies elsewhere and downloaded them.
But as it turns out, some of these harbor malware that could steal money from you.
Online security firms such as Sophos and Trend Micro have found fake copies circulating the Internet that may play and look like Flappy Bird, but contain additional code and asks for extra permissions before you install the game.
The real version of Flappy Bird, which only measured 895K, expands to one megabyte or more in some of the infected applications.
The extra code hides malware that can cause your phone to send text messages to a server, which then charges your Google account for a transaction on your phone bill.
When Flappy Bird was first released, before installation, it only asked for two permissions—Internet access and preventing the device from shutting down. The fake or “enhanced” versions ask for more privileges such as device name and location, and SMS privileges.
Online security companies advise extra caution when downloading the Flappy Bird app from the Internet because of malware and Trojans. Check the file size before you install, and make sure the app doesn’t ask you for more than two permissions to be safe.