One good way to spread malware through the legit Google Play Store is through those popular game guides that you can download for free or a fee. That’s exactly what the “FalseGuide” malware does. It gets installed on your device via the game guide, asks for permission – and if the user is not careful, is able to embed itself into the device so that it doesn’t get deleted. From there, all sorts of malicious things ensue.
The FalseGuide malware was discovered by security outfit Check Point, and is apparently hidden in around 50 apps in the Google Play Store. Each of these apps have around 50,000 installs, putting the malicious reach of the malware to around 800,000 devices. Check Point has notified Google about the malware, and it was swiftly removed from the Play Store. At the beginning of April, two new malicious apps were uploaded to Google Play containing this malware, and Check Point notified Google once again.
The FalseGuide malware requests an unusual permission on installation – device admin permission. Upon getting permission (if the user does not read these things upon installation), the malware can then avoid being deleted by the user. The malware then downloads more modules and installs it to the device. The modules can do anything from display pop-up ads for profit, or more maliciously, these modules can contain highly malicious code intended to root the device, conduct a DDoS attack, or even penetrate private networks.
The only proper response to this is to be mindful of the stuff you install, and be mindful of the permissions any app asks upon installation. If you see something weird in the permissions, make the safe choice to cancel the installation. Check out the source link for a comprehensive list of apps infected by this malware.
SOURCE: Check Point
