Over 10 million users tricked into downloading fake app for Samsung devices

Samsung users take note: You don't need third-party apps to update the firmware on your devices, and more importantly, you don't have to pay for them.

An expose by malware analyst Aleksejs Kuprins of CSIS Security Group shows that 10 million unsuspecting users have been tricked into installing the Updates For Samsung app, which claims to provide "every Android update for Samsung devices".

It redirects users to a blog website, first enticing them with free firmware downloads, then pushing them to pay for updates that in reality are available for free.

Kuprins notes that the download speed for the 'free' version is limited to 56KBps (kilobytes per second) so a typical firmware could take up to four hours to download and possibly even crash halfway.

Read Also
Man in China claims Samsung Galaxy S10 caught fire when charging, sues for one yuan
Man in China claims Samsung Galaxy S10 caught fire when charging, sues for one yuan

Frustrated users will be pushed to pay for the 'premium' package that offers faster download, and they will be charged a US$34.99 (S$47.48) yearly fee.

The payment doesn't happen on Google Play, where the app is surprisingly still available, according to Kuprins - instead the app sends the user's credit card info to another site.

If you own a Samsung device, the firmware update, if any is available, can be found under Settings.

After you select Settings on your device, tap on About Device and then Software Update.

The Samsung website states: "Operating system updates are released periodically for your device. Please note that updates may take some time to install and can be large in terms of data. We recommend downloading the update via a WiFi connection to avoid using up your mobile data allowance."

You can choose to auto update the firmware as and when an update is available, or do it manually. Either way, the updates come straight to your devices and are free of charge.