Security experts warn that about 2 million Android devices are potentially infected by new malware hiding from more than 40 applications, dubbed 'FalseGuide' that offers game guides for Pokémon GO and Fifa.
According to Check Point, the malicious apps were uploaded in Google Play since November 2016. FalseGuide malware offers walkthroughs of popular games and takes full control of the device without the user's knowledge.
Upon installing a malicious app, FalseGuide asks administrator permission. If the user agrees with the term, the malware can prevent itself from being deleted from the device. After that, the malware will be registered to cloud-based messaging services to allow the hackers to send commands to the device. Eventually, the malware gets the full access of the device and the hackers could use it to launch cyber-attacks.
Cybersecurity firm explains that FalseGuide aims to make a 'silent botnet' on the infected device to use it for adware purposes. Usually, botnets are used in a cyber crime that consists a list of infected devices like the internet of things (IoT) products and computers, although it depends on the objective of the hacker on how to control the device. It can be used to send a DDoS attack, to root the device, or enter private networks.
The security experts also reveal that the malicious apps were submitted to Google Play Store by two fake developers using the names Nikolai Zalupkin and Sergei Vernik, which are believed to be Russian connections.
If you want to delete an app that contains FalseGuide malware, go to the security setting of your phone and revoked the app from being a Device Admin.
Meanwhile, last April 18, a Dutch cybersecurity firm discovered a financial fraud Trojan called 'BankBot' on Google Play.