Android malware is infected

Android Malware infected 2 Million Google Play Store Users In fake companion Guide Apps for popular Games and APPS

Android users who have mistakenly downloaded and installed malware on their devices straight from Google Play Store has reached 2 Million.

Android malware is infected

Android malware is infected

Android users of about 2 million have fallen victim to malware hidden in over 40 fake companion guide apps for popular mobile games, such as Pokémon Go and FIFA Mobile, on the official Google Play Store, according to security researchers from Check Point.

Dubbed FalseGuide by the Check Point researchers, the malware creates a “silent botnet out of the infected devices” to deliver fraudulent mobile adware and generate ad revenue for cybercriminals.
Nearly 2 Million Android Users Infected!

While initially it was believed that the oldest instance of FalseGuide was uploaded to the Google Play in February and made its way onto over 600,000 devices within two months, further in-depth analysis by researchers revealed more infected apps which date back to November 2016.
“Since April 24, when the article below was first published, Check Point researchers learned that the FalseGuide attack is far more extensive than originally understood,” Check Point researchers wrote in a blog post.
“The apps were uploaded to the app store [Google Play Store] as early as November 2016, meaning they hid successfully for five months, accumulating an astounding number of downloads.”
Russian connection with FalseGuide

Check Point researchers discovered five additional apps containing the FalseGuide malware on Google Play Store, developed by “Anatoly Khmelenko” (translated from Russian Анатолий Хмеленко).
Also, the first batch of malicious apps was submitted under the Russian names of two fake developers, Sergei Vernik and Nikolai Zalupkin, which suggests the malware is of Russian origin.

FalseGuide attempts to turn infected devices into a botnet that could allow its operator to control the devices without the knowledge of the device owners.
Here’s How FalseGuide Works:

While downloading to the victim’s phone, FalseGuide requests administrative permissions to the device in an attempt to avoid being deleted by the user.

The malware then registers itself with Firebase Cloud Messaging – a cross-platform messaging service that allows app developers to send messages and notifications.

Once subscribed to this service, FalseGuide can allow the attackers to send messages containing links to additional malware and install them to the infected device, enabling attackers to display illegitimate pop-up ads out of context and generate revenue.

Depending on their objectives, the attackers could also inject highly malicious code into an infected device to root it, conduct a Distributed Denial of Service (DDoS) attack, or even penetrate private networks.
Google Removed the Malware hidden Apps, but are you Clean?

Check Point has provided a full list of malicious apps hiding FalseGuide, which posed as guides for FIFA Mobile, Criminal Case, Super Mario, Subway Surfers, Pokemon Go, Lego Nexo Knights, Lego City My City, Ninjago Tournament, Rolling Sky, Amaz3ing Spider-Man, Drift Zone 2, Dream League Soccer, and many more.
Check Point researchers notified Google about FalseGuide in February, after which the company silently removed the malware apps from the Play Store.

But despite being removed, the malicious apps are likely still active on a number of devices, leaving Android users open to cyber attacks.
“Mobile botnets are a growing trend since early last year, growing in both sophistication and reach,” CheckPoint said. “This type of malware manages to infiltrate Google Play due to the non-malicious nature of the first component, which only downloads the actual harmful code.”
How to Protect yourself against such Malware

There are standard protection measures you need to follow to remain unaffected:
Always download apps which are from trusted and verified developers and stick to trusted sources, like Google play Store and the Apple App Store.
Always verify app permissions before installing apps. If any app is asking more than what it is meant for, just do not install it.
Keep a good antivirus app on your device that can detect and block such malware before it can infect your device. Always keep the app up-to-date.
Do not download apps from third party source. Although in this case, the app is being distributed through the official Play Store, most often such malware are distributed via untrusted third-party app stores.
Avoid unknown and unsecured Wi-Fi hotspots and Keep your Wi-Fi turned OFF when not in use.
Be careful which apps you give administrative rights to. Admin rights are powerful and can give an app full control of your device.
Never click on links in SMS or MMS sent to your mobile phone. Even if the email looks legit, go directly to the website of origin and verify any possible updates.

Also READ  Instant Games are now built into Facebook Messenger

2 Comments

  • […] Android Malware infected 2 Million Google Play Store Users In fake companion Guide Apps for popular … […]

  • Is there something known as cat mario unblocked? Obviously, many web pages do not supply free service
    to users to play the video game. Inside the feel, this game is not
    really completely on the net and rarely, sure
    rarely you can get some websites providing and absolutely free and finish access to the video game.

    Moreover, if you learn 1 or any, remember to let us.
    We certainly have been in search of some cat mario unblocked app.
    In any case, moving on to the other feature about Cat Mario, we must be frank listed here yet again and declare that download apk file of subway surfers no age group confines.
    Anybody can engage in this game and the main objective of it will be to enjoy it wherever possible but while
    there is almost nothing called as cat mario unblocked, plenty of your enjoyment removal will hinge with the
    place you participate in this video game. The official web-site is where you can try it out but there
    may be some payment to get manufactured.

    Hello there! This is just about the most effective online game from Weebly and it’s totally unblocked!

    Have fun with Cat Mario in class, work or at your house
    day-to-day. Have a great time!

    Cat Mario 2 , 3 Activity Unblocked Syobon Activity is often a 2D Japanese foundation freeware indie video game
    published in February 2007. This action video game provides a
    different accept one of many world’s most desired video gaming.

    Guide the bright white feline with the Mushroom Empire.
    Instead of Goombas and Koopas, you will be up against an army of icky blobs.

    Guide a little Cat Mario conquer all challenges!
    In this particular unblocked video game for classes, you should take control of your pet cat
    and then make its way thru all discrepant destinations filled with
    impediments. Work through all of them, collect much more useful items and attempt
    your better to conquer all adversaries. All the best !!

Leave a Reply

Your email address will not be published. Required fields are marked *