Game Guide Malware ‘Targeted over 500,000 Users’
It is estimated that 2 Mn Android users have now been victimized to malware mistakenly downloaded from Google Play, which was initially reported to have affected around 6 lac users.
A security outfit, Check Point, has discovered the FalseGuide malware. Security researchers of Check Point said that this malware was hidden in over 40 guide apps for games, the oldest of which was uploaded to Google Play as early as in Nov. 2016.
Every apps has around 50,000 installs making the malicious reaching to approximately 8 lac devices. Check Point has informed Google about this malware, and it was quickly removed from the Play Store. Androidcommunity.com posted on April 26th, 2017, stating that two new malicious apps were uploaded to Google Play containing this malware in the beginning of April.
This malware has been posted in the Google App Store for more than 5 months since Nov. 2016. More and more victims are being added every day, and now these victims are part of a botnet.
Hackers behind this hacking chose to use "game guides" because of two reasons. Firstly, they are very basic and simple applications, therefore no one wastes time to create them. Instead they focus all their efforts on malware development and hiding it to avoid the security measures of the Play Store. Secondly, these applications are very popular and are widely distributed and so the numbers of potential victims are quite huge.
These high levels are possible as the apps request device admin permission on downloading, which is not a usual request; and it suggests malicious intent because it stops the user from deleting the app. FalseGuide registers itself to a Firebase Cloud Messaging topic with the same name as the app allowing it to receive extra modules and then create a silent botnet.
To become mindful of the stuff you install is the only response to this, and you should be mindful of the permissions asked by any app for installation. If you experience something strange in the permissions, you should cancel the installation as a safe choice.
» SPAMfighter News - 5/2/2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!