Your Android Might Be At Risk With False Guide Botnet Malware

Malware attacks have become a recurring problem for Android users. It no longer comes as a surprise that infected apps, adware and fake apps are found on the Play Store. Google appears to be having a tough time keeping the Play Store safe from these attacks.

It is difficult for users to tell a malicious app from a clean one, but choosing apps carefully certainly gives a better chance of staying protected. The latest large-scale threat to be discovered is adware known as FalseGuide.

It is malware that spreads through the legitimate Google Play Store. As the name implies, it poses as a game guide app and asks for administrator permission at the time of installation. If the user grants the permission, the malware embeds itself into the device.

The FalseGuide attack is more extensive than first understood: recently, five additional apps containing the malware were found on Google Play, developed by “Anatoly Khmelenko” (name translated from Russian).

What is Botnet?

The word botnet is formed from two words, ‘robot’ and ‘network’. Cybercriminals use this kind of malware to breach users’ security.

It is a network of private computers infected with malicious software, a group of devices controlled by hackers without the owners’ knowledge. It displays pop-up ads by using a background service that runs when the device is booted.

What is FalseGuide?

FalseGuide is a new form of Android malware causing havoc on Google Play. It is very destructive, as it gains access to the user’s private data, prevents removal of the infected app and much more.

How does FalseGuide work?

The malicious software hides inside several apps on Google Play. These apps appear to be guides to other Android games and request an unusual permission on installation: the device admin permission.

Once the permission is granted, the installed malware registers itself to a Firebase Cloud Messaging topic that has the same name as the app. It creates a silent botnet out of the infected devices for adware purposes.
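The two traits described above (a device admin request and a component that runs at boot) can be checked in an app's manifest before it is installed. The following is an added example, not code from Check Point or from the original article; it assumes the APK's AndroidManifest.xml has already been decoded to text (for example with apktool), and the package and receiver names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: decoded manifest of a hypothetical "guide" app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.gameguide">
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application android:label="Game Guide">
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Flag a device-admin receiver combined with start-at-boot behaviour."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    admin, boot = [], []
    for rcv in root.iter("receiver"):
        actions = {a.get(ANDROID + "name") for a in rcv.iter("action")}
        # Device admin = receiver guarded by BIND_DEVICE_ADMIN handling DEVICE_ADMIN_ENABLED.
        if (rcv.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN"
                and "android.app.action.DEVICE_ADMIN_ENABLED" in actions):
            admin.append(rcv.get(ANDROID + "name"))
        if "android.intent.action.BOOT_COMPLETED" in actions:
            boot.append(rcv.get(ANDROID + "name"))
    # A boot receiver only fires if the matching permission is also declared.
    starts_at_boot = bool(boot) and "android.permission.RECEIVE_BOOT_COMPLETED" in perms
    return {
        "package": root.get("package"),
        "device_admin_receivers": admin,
        "boot_receivers": boot if starts_at_boot else [],
        # Triage heuristic only: legitimate device-management apps match too.
        "suspicious": bool(admin) and starts_at_boot,
    }


if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```

A match is a reason to look closer, not a verdict; for a simple game guide, neither capability has an obvious purpose.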

Why does it masquerade as guiding apps?
FalseGuide masquerades as guide apps for games for two major reasons. First, guiding apps are very popular, more so than the original gaming apps. Second, guiding apps have minimal features and require less time for development and feature implementation.

Fifty guide apps have been identified as infected with this malware. Popular mobile games such as Pokémon Go, FIFA Mobile and many more are on the list.

Note: Any application asking for admin permission at the time of installation suggests malicious intent.

Google removed all instances of FalseGuide

After being alerted by Check Point, Google removed all instances of FalseGuide, which had survived for a few months on the Play Store. It is hard to pin down the number of downloads, but the security firm states that nearly 2 million devices may be infected. The number may be lower if users did not grant administrator access or did not run the program. The impact is unclear, but be cautious when downloading such guide apps.

How to Stay Safe?

Google Play takes security measures to detect malicious apps and block them from being uploaded. But we cannot rely solely on them, and should take care not to download a malicious app.

Following certain standard protection measures helps you remain unaffected:

  • Always download apps from trusted and verified developers and stick to trusted sources, like the Google Play Store and App Store.
  • Check and verify app permissions before installing apps. If you are unsure about any permission, just do not install the app.
  • Keep an updated antivirus app installed on your device to detect and block infections.
  • Do not download apps from third-party sources.
  • Avoid using unknown and unsecured Wi-Fi hotspots.
  • Keep your Wi-Fi turned OFF when not in use.
  • Be careful when granting administrative rights to an app, as they give the app full control of your device.
  • Never click on links in SMS messages sent to your phone, even if they look legitimate.

A variety of anti-malware apps are available on the market, but only a few stand out as the best options. One such app you can try is Systweak Anti-Malware. It not only secures your device from malware attacks but also scans apps at the time of installation, so that no infected app is installed.

Preeti Seth

Preeti is a technical writer with Systweak. She covers new technology and troubleshooting. She loves gadgets and is an avid reader. In her free time, she likes to travel and explore new places solo.
