falswguide-a-new-malware

Recent report from Check Point Security warned the Android users that they could become victim of a new malware – FalseGuide. The report claims that the malware has already affected millions of Android smartphones when it paved its way to the Play Store under the developer names of “Sergei Vernik” and “Nikolai Zalupkin”.

Effects of FalseGuide

The malware can potentially root a phone, get access to sensitive info and prevent the infected app from being deleted. After gaining administrator rights from users the malware can then be used to display “illegitimate pop-up ads out of context”.

“FalseGuide creates a silent botnet out of the infected devices for adware purposes. A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots are used for various reasons based on the distributed computing capabilities of all the devices.”

The malware is difficult to detect until granted administrator rights. It has been observed in at least 49 Android apps, which have been downloaded by as many as 1.8 million Android users in 5 or so months they spent at the Play Store. Fortunately, most of those apps were found to have very low download figures.

The full findings of the report can be read at Check Point’s blog here.

Google’s Response

Google claims to have removed any app infected by FalseGuide, while also reiterating commitment to making Play Store a safe app repository for users.

Despite Google being pretty strict about regular security updates and OEMs releasing them, almost half of all Androids didn’t get regular security updates in 2016, making way for potentially harmful malware such as FalseGuide to exploit users.