COPENHAGEN, DENMARK — A new report by the CSIS Security Group has found that "Updates for Samsung," a third-party app on the Google Play store, had been misleading users into paying for software updates on their Samsung phones.<br /><br />The app had more than 10 million downloads before it was taken down last week, USA Today reports.<br /><br />According to the report, once the app is downloaded, it takes you to their website, 'updato.com.'<br /><br />The website allows users to search for specific firmware then asks users for their credit card information and charges users a fee of US$34.99 for an annual subscription of Samsung software updates.<br /><br />The site offers free updates as well. However, the report found that free downloads are limited to a rate of 56 KBps and eventually time out.<br /><br />This happens despite the fact that Android phones offer free software updates on all their devices.<br /><br />Bleeping Computer reports that the app had clearly stated in their description that they are quote "not affiliated in any way, shape, or form with Google Inc or Samsung Electronics."<br /><br />CSIS Security Group Malware analyst Aleksejs Kuprins told ZDNet that the app didn't carry out malicious tasks on the device.<br /><br />Kuprins said the website displayed "a lot of full-screen advertisements, almost after every other tap on the screen."<br /><br />In a statement to Bleeping Computer, Updato's app developer said they aggregate software updates, "for the convenience of our audience."<br /><br />Adding that, "Our database allows people to easily search for firmware in any location for any version for any device. "<br /><br />Updato told Bleeping Computer that the app was taken down to make adjustments while Google says it had suspended the app for violating Google Play Developer Policies.
