We are, at this point, familiar with fake apps in the Play Store—they pop up from time to time, but Google swiftly eliminates them. It seems like for all its efforts in cleaning up the Play Store, Google has a blind spot when it comes to books. There are multiple publisher accounts in Google Play Books that claim to offer cracked APKs for a dollar or two, and people are buying them. Instead of getting a cheap game, all people are getting is disappointment and malware.

2015-03-03 11_53_30-LIMBO (APK + OBB) Download - Books on Google Play

After becoming aware of this problem, we spotted almost a dozen sellers of these phony "guides," but that's probably just scratching the surface. One of the most prolific is Monster Guides Editor Pro, but several of the others may be run by the same people due to the similarities in naming. There's also Johnny Bravo, leon Master, and more. These publishers list several dozen games (and a few apps) for sale, usually at $0.99 -$3.00 each. Most of them are significantly cheaper than the legitimate paid versions. There are also a number of free-to-play games listed, but here the publisher promises a modded unlimited APK with no in-app purchases.

Hacked APKs are a thing that exists, but how do you deliver them via a book? Each "book" is only a few pages long and contains download links and installation instructions (I won't link directly to any of this for reasons that should be clear).

2015-03-03 13_31_36-The Simpsons_ Tapped Out (APK) (MOD) (Unlimited Money_Donuts_XP) - Books on Goog

To figure out what's going on, I tested with a supposed copy of Limbo. The links are all connected to a site called Androider, which hides all the supposed downloads behind a wall of ad redirects (yay, more money) and pages that download suspicious EXE files on your computer and unrelated malware APKs on your phone. There are also some really gross phishing scams in there.

2015-03-03 12.38.02 2015-03-03 12.38.18 2015-03-03 12.38.30

You may be tempted to say "Good, let those fools buying cracked APKs get some malware." However, Google can't let scammers run roughshod over the Play Store. Authors and developers rely on the Play Store to make a living, and letting this stuff exist undermines confidence in the ecosystem. Providing a portal for people to get scammed, even if they should know better, is not okay. In addition, these "books" show up in search results when you look for the real app. You and I can glance at these listings and know something is wrong, but not everyone has the necessary experience to do that.

The fake downloads are presented on the main results page.

The fake downloads are presented on the main results page.

You can report individual books to Google on the product pages, and you should. I have to assume Google simply hasn't noticed these listings yet, even though they've been there for at least a few weeks. It's not like they're hard to find, either. Come on, Google. Fix this.