A new cyber campaign is raising alarms across the security world after researchers uncovered a large-scale operation designed to trick users into downloading fake gambling apps disguised as legitimate ones.
According to cybersecurity firm Malwarebytes, the campaign—dubbed “FriendlyDealer”— has already spread across more than 1,500 domains, all carefully crafted to imitate trusted platforms like the Google Play Store and Apple App Store.
At first glance, everything looks real. Users land on what appears to be an official app store page, complete with familiar layouts, fonts, reviews, and install buttons.
But the reality is very different.
Instead of downloading a verified app, users are actually interacting with a web-based imitation. These fake platforms trick people into installing what’s known as a Progressive Web App (PWA)—a type of app that behaves like native software but runs through the browser.
Once installed, the app redirects users to online casino sites, often through affiliate links that generate revenue for the operators.
Unlike traditional cyberattacks, FriendlyDealer doesn’t rely on stealing passwords or infecting devices with harmful software.
Instead, its goal is financial: funnel users into unregulated gambling platforms where safeguards are often missing. This includes:
While technically less invasive than classic malware, the risks remain significant—especially for vulnerable users.
What makes this campaign particularly effective is its scalability.
Researchers found that the entire operation is powered by a single reusable kit capable of generating dozens of fake gambling apps. By simply changing a configuration file, attackers can instantly create new “brands” with identical infrastructure.
Some versions even impersonate well-known names or influencers, while others reuse identical reviews, usernames, and developer responses across multiple fake listings.
FriendlyDealer goes beyond basic phishing tactics.
The system detects whether a user is on Android or iOS and then loads a matching fake app store—down to the exact fonts used by each platform. It also:
In some cases, installed apps may even appear as if they came from official stores inside device settings, adding another layer of deception.
The campaign highlights a growing trend in cybercrime: social engineering over brute-force hacking.
Rather than breaking into systems, attackers are exploiting user trust—especially in environments like mobile app stores, where people rarely question authenticity.
With online gambling already expanding rapidly, schemes like FriendlyDealer show how easily that demand can be manipulated for profit.
To stay safe, experts recommend:
FriendlyDealer doesn’t need to hack your device to cause harm.
By convincingly mimicking trusted platforms, it creates a shortcut between curiosity and risk—one click that can lead users straight into unregulated gambling ecosystems.
And as these campaigns grow more sophisticated, spotting the difference between real and fake is becoming harder than ever.
