An Android horror game with over 50,000 installs was found to exhibit malicious behavior, stealing the gamers' Google and Facebook credentials, and siphoning their data after logging into their accounts. The game is called Scary Granny ZOMBYE Mod: The Horror Game 2019 (Scary Granny) and it is designed to bank on the success of another Android game dubbed Granny that currently has over 100 million installs. While Scary Granny is a fully functional game which would actually keep gamers playing it to avoid any suspicion and raising any red flags, it was removed on June 27 from Google's Play Store after the researchers who unearthed its phishing and data siphoning abilities reported it to Google. To hide its actual "horror" side, the game would delay exhibiting any malicious activity for up to two days after being installed as Wandera's research team discovered. The app would also only turn on its data-stealing modules only if it was being used on older Android versions, with users of newer devices running up to date operating systems not being impacted. When being installed, the Scary Granny game gains persistence on the devices by asking for permissions to launch itself after the smartphone or tablet is restarted. This allows it to show full-screen phishing overlays even after the Android users reboot their devices, by first displaying "a notification telling the user to update Google security services. When the user hits ‘update’, a fake Google login page is presented, which is very convincing other than the fact ‘sign in’ is spelled incorrectly." Learn more by visiting OUR FORUM.