Would you believe that one of the places malicious apps are often found is in the Google Play Store? In fact, researchers have discovered nearly 50 malicious apps in the Google Play Store. As the official app store for Android gadgets, users trust that it is very secure. Most apps corrupted with malware are found in third party app stores.
Gadgets poisoned with malware earn criminals’ money with illegal mobile adware. Known as FalseGuide, the malware was disguised in nearly 50 forged companion guide apps for most of the trendy games out there, such as Pokemon Go, LEGO City My City, and FIFA Mobile.
Google was notified by researchers about these malicious apps, and most have been expunged from the Play Store. Unfortunately, many of them have been available since November 2016 and have already been downloaded over 50,000 times. A survey showed that 2 million users’ devices have been corrupted.
The malware constructs a silent botnet with the gadgets and utilizes them for adware. (A botnet is a group of gadgets that hackers have seized.) The hackers infect the gadgets with a virus and then use the power of the combined gadgets to execute large-scale scams. They can send hidden spam messages unbeknownst to the owner.
False Guide-infected gadgets sometimes reveal pop-up ads. This is how cyber-criminals earn their income. The more clicks, the more money they make. Beware of pop-up ads!
The criminals are ingenious at hiding the malware, which is how they were able to slip past even Google security protocol. Their apps look legit until downloaded. When downloaded, the app asks the user for authority. When the user gives permission, the user loses control, and the malware spreads into the gadget.
While criminals are now using this malware for adware purposes, this could easily change and become even more insidious. If users continue to authorize admin privileges, the criminals could change objectives to things like rooting users’ devices or instigating a DDoS attack.