CheckPoint, the company specialise in IT security just discovered a new malware known as "CallJam" dissimulated in a "Clash Royale" game.
Clash Royal is a game that was developped by the company "Supercell" (the company behind Clash of Clans) and was released in March. The game is a mixed of card games and tower defence games playable online in 1vs1. the goal is to destroy ennemi castel by placing units in the form of "cards".
The malware has been dissimulated in a game known as "Gems Chest for Clash Royal" that is suppose to explain how to quickly gain coffers containing these cards. CallJam is reported to be able to make overtaxed fraudulent calls, redirect users to particular websites and to display advertisements.
The game is said to have been downloaded more than a hundred time on Google's Playstore. However CheckPoint has informed Google about this and the app has been deleted from the store. However this poses a security concern for Google
This is not the first case discover by CheckPoint. The company has already discover a similar malware known as "Dresscode". The malware is able to take complete control of phones and use them to create a fake traffic on advertisements created by the author of the malware so as to make revenue. Similarly a fake Pokemon Go app known as "Guide for Pokemon Go" has been discovered. This app is a trojan capable of accessing the root user thereby installing more malwares and to generate ads on users phone.
If you want to limit any risk of infections, be careful not to download APKs or apps from other sources other than the Google Playstore or from third party app downloaders.