Warning! It has recently come to our attention that there are a couple of fake apps spoofing our browser automation tool, iMacros on the Chrome Web Store.
At Ipswitch, we talk a lot about information security. If you are a frequent visitor to the Defrag This blog, then you know we are all about sharing the latest cybercriminal tactics. Our mission on the Defrag This blog is to provide IT professionals with tips to make your job easier and keep you informed on the latest information security trends and issues. That’s why it is critical to bring to your attention that iMacros, an Ipswitch product, is being spoofed on the Chrome Web Store.
If you have recently downloaded iMacros on the Chrome Web Store, you may be effected. In any event, be wary of anything you download on app stores, since this is becoming a huge vector of attack for hackers.
Lately, hackers have been targeting Google’s app stores, including the Android Store and Chrome Web Store, creating fake versions of popular apps. Just recently, it came to light that over a million users had downloaded a fake version of WhatsApp. These fake apps install malware on your devices with adverse effects that range from annoying adware to creating backdoors into your devices.
It just so happens that we recently discovered that an Ipswitch application, iMacros, has been spoofed as well on the Chrome Store. We first noticed and issue on October 25th, when one of our employees saw an app named “iMacros – Browser Automation” by keyholesurgeryknickerbockers.xyz. It seems that this was first updated on October 24th and may be the first time it appeared.
We immediately reported the issue as abuse to Google and stated that we (Ipswitch) were the real developers of iMacros and the other app is a fake and probably being used as a form a malware. We reported the issue a couple times from multiple accounts to Google, but Google has yet to remove the fake app.
Another app called iMacros for Chrome appeared on November 1st. We just noticed this fake app this week. We have already gone ahead and reported the issue to Google, but it seems that Google will be slow to respond since they still have not responded to the first fake app we discovered a couple weeks ago.
You can see what to watch out for in the screenshot below.
As we are getting used to phishing attempts via emails, it is now necessary to always check that the apps we download are the real developer. The developer name is a big indicator whenever an app is being spoofed. If you aren’t sure who the developer is of an app is, you should do a little research online to see if that is the correct app that you want to install.
Ipswitch takes these security issues very seriously and we strive to protect our customers as much as possible, but, in this case, we are dependent on Google, and they have been slow to respond. While app stores offer a convenient way to enhance devices with new capabilities, they also now pose a security threat. You should always do a little research. Google’s app stores have few regulations as to what app developers can upload and this has made them a target for cyber criminals.
For those who would like to help; if more people bring this issue to Google's attention, we believe this will help expedite the removal of the fake iMacros apps. You can complain about the abuse by doing the following:
- Sign in to the Chrome Web Store.
- Search for iMacros in the search bar.
- Click on the item that is the fake app. In this instance it will be all the apps not created by Ipswitch.
- Click Report Abuse.
- Fill out the form and Submit.
We will keep you updated on if any changes happen in our case to Google. In the meantime, stay safe out there!