Dubious apps on Google Play Store now selling fake Kerala lottery tickets

Dubious apps on Google Play Store have impersonated the Directorate of Kerala State's lotteries -- Kerala Lottery Online and India Kerala Lottery -- and are duping people, cybersecurity researchers warned on Tuesday.

Dubious apps on Google Play Store now selling fake Kerala lottery tickets
Source: IANS

Bengaluru, Nov 15 (IANS) Dubious apps on Google Play Store have impersonated the Directorate of Kerala State's lotteries -- Kerala Lottery Online and India Kerala Lottery -- and are duping people, cybersecurity researchers warned on Tuesday.

Both the applications hosted on Google Play Store have over one million downloads and were found impersonating the Online Kerala lottery which operates in offline mode.

According to AI-driven cyber-security firm CloudSEK, threat actors are using referral links to spread their campaigns.

On the landing page of the referral link, threat actors can be seen mentioning 5 per cent of the winning amount to be shared with all the users of the referral link and a free entry/ticket to the lottery.

"Cashing on the popularity of Kerala lottery, threat actors have created multiple apps and websites to sell tickets and conduct lotteries which is banned by Kerala state government," according to a CloudSEK researcher.

To prove legitimacy, threat actors impersonated government entities and create fake advertisements from accounts having more than 200,000 followers on major social media platforms.

"Logos of the Directorate of Kerala State Lotteries, National Informatics Centre, and Kerala state were used by the makers of the dubious apps. According to the Kerala Lottery Department, the state sells only paper lottery tickets and prohibits online sales," said security researchers.

They found that both Kerala Lottery Online and India Kerala Lottery apps display the same privacy policy but operate under different names.

"Upon analysis of these two applications, the following email addresses were listed as developer's contact: [email protected] and [email protected]. This indicates that the government entity is not operating the apps," CloudSEK noted.

The applications ask for several permissions and notable among them was the request to install packages (required to install other applications on your device).

There were multiple Telegram groups, YouTube videos, Facebook and Twitter posts promoting the scam applications.

"Several websites have also been created to promote the apps and make the apps look legitimate," the researcher added.