Botnet-Creating FalseGuide Malware Removed From Google Play

Piracy Virus Malware Threat Hacking AH

Cyber security firm Check Point has warned users to be extra careful with the apps they download from the Google Play Store, as the security firm has discovered a malware that can convert smartphones of unsuspecting individuals into components of a massive botnet. The malware that has since been removed from the Google Play Store was named FalseGuide and was designed to take over smartphones and make them perform certain tasks without any knowledge of their owners. Once infected, the botnet composed of infected smartphones can root devices, perform DDoS attacks, steal data, and infiltrate private networks. The extent of the damage that can be done by smartphone-based botnets is not yet clear but botnets comprised of Internet-of-Things devices have conducted massive DDoS attacks in the past, including the attack on the DNS provider Dyn that recently took down numerous popular websites like Github, Twitter, and Reddit. At this point, around two million devices might have been affected by FalseGuide, Check Point claims.

FalseGuide infiltrates smartphones of unsuspecting owners through gaming guide apps available on the Google Play Store, the report reveals. Some of the applications identified to include FalseGuide are Guide for Mortal Kombat X, Guide for Slither.io, and Guide for Pokemon Go. The developer of FalseGuide may have decided to use the guide apps for games due to two factors. The first factor is that games in general are a popular type of apps, so it is easy to use their popularity by writing guides for gamers. The author of the malware may have also decided to make gaming guides since they are relatively easy to develop. In addition to the fact that these apps seem innocent and at times useful, they can escape any possible security checks from app stores, Check Point says. However, the malware begins downloading harmful code, usually adware, after the user downloads the infected app.

Check Point noted that the botnet created by FalseGuide is primarily used for adware purposes. However, this could serve as a model for other individuals who want to develop a botnet composed of smartphones for more destructive purposes. These new developments, including the recent discovery of rogue applications circumventing Google’s 2-step verification process, highlight the need for increased vigilance on users’ part, and all owners of Android devices are advised to exercise caution when downloading apps and not only rely on app stores for protection from potentially harmful software.