Are software "Easter eggs" safe?

Deborah Salmi 16 Apr 2014

Are software "Easter eggs" safe?

eggs02Easter egg hunts are a favorite activity for kids and adults alike, and on Easter Sunday, backyards, church grounds and even the White House will host their own competitions. Cyberspace has its own Easter eggs (a hidden message in software applications), and the hunt for them is just as fun as for real eggs. I asked Filip Chytrý, a researcher in the avast! Virus Lab specializing in mobile malware, about his favorite Easter eggs.

"I hate boiled eggs," Chytrý joked, "but revealing Easter eggs in applications is pretty fun especially if you just have a clue, but don’t have any idea where to start."

Can Easter eggs be malicious?

We're not too keen on hidden code that no one knows about here at AVAST, so I thought it was a good question. Filip explained that to successfully make an Easter egg, the programmer has to hide the surprise from his fellow team mates and his employer, as well as the end user. It occurred to me that if programmers can hide fun things, it's not a huge leap to hiding malicious things. Backdoors, for instance?

"We have not seen an Easter egg that might be considered as malware. There are plenty of original apps for Android which are modified to distribute malware by adding some kind of a downloader, but it's without the user's interaction. Easter eggs have remained harmless; Android apps - not so much," said Chytrý.

Are there Easter eggs in mobile software?

Android developers have hidden Easter eggs within Android OS. Easter eggs found in older version of Android OS

"There are Easter eggs in the latest versions of Android," said Chytrý. "To access the Easter egg in your device, open the settings screen and tap About phone at the bottom of the screen. Locate Android's version number on the about screen and quickly tap it several times."

It worked with Android KitKat on my Nexus 4, but may not work in the modified OS of some device distributors. Find out how to access older Android OS Easter eggs.

Here are some other Easter eggs for you to play with. Share ones that you know in the comments below.

  • On the Google Chrome browser Search for the word tilt or askew and the definition of the word will be literally demonstrated. Change it back to normal by searching for anything else.
  • On Firefox Type about:mozilla into the address bar for a strange prophetic message.
  • In Google Play Do a search without typing or entering text in the search bar and some Unicorns will appear.
  • On YouTube Search for Beam Me Up, Scotty and the results will look like they were transported from the USS Enterprise.

Filip Chytrý and his colleague, Peter Kálnai, will be speaking about mobile malware at the CARO Conference in May. "Like I stated in the blog post about CARO, the amount of mobile threats are rising and more sophisticated attacks appear every day," said Chytrý. "We suggest that you protect your Android devices with good antivirus software."

Easter special on avast! Premium Mobile Security

Starting now, you can get 2 years of premium protection when you buy only 1 year. Download the free version of avast! Mobile Security from Google Play, and look for the special offer on the screen.

avast! Premium Mobile Security Easter sale.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.


Related articles