Two million Android devices 'hit by Google Play malware'

By on
Two million Android devices 'hit by Google Play malware'

Researchers say they have discovered more than 45 apps laden with botnet malware.

A new strain of malware hidden inside apps on the Google Play store has infected close to two million Android devices over the past year, according to security researchers at Check Point.

The recently discovered malware, known as 'FalseGuide', has been found lurking in more than 45 Google Play store apps that provide guides and walkthroughs for mobile games, the researchers say.

At first it was believed the some apps may have been operating since February 2017, but further investigations revealed an app was uploaded to the store as early as November 2016.

Close to two million devices are thought to have been infected since that time, with some apps reaching 50,000 installs each, according to the Check Point researchers, who first discovered the strain. 

The firm initially alerted Google to the infected apps in March, which acted to remove them from the store. However, since then new apps laden with malware have been added which required further action from Google, Check Point said.

Once installed, the FalseGuide malware is able to hijack a device and add it to a larger botnet. The bots are then used for a number of purposes depending on their computing capabilities. These can include displaying illegitimate pop-up ads that contain malicious code, conducting distributed denial of service (DDoS) attacks against other targets, and even compromising private networks, according to researchers.

Hackers under the names of fake developers Sergei Vernik and Nikolai Zalupkin uploaded the apps over the course of six months, suggesting Russian connections - although the researchers point out that to Russian speakers, the latter name is clearly made up.

Check Point said that the app stands out from other downloads, as it requires the user to grant admin privileges during installation. Once granted, it uses these permissions to avoid detection by the user, and register to a cloud-based messaging topic to receive and download additional infected modules.

Game guides in particular are juicy targets for hackers, given the significant number of users they can reach and the ease with which they can be developed.

These will by no means be the only target however, and Check Point warned that it is important for users to be diligent when downloading apps to their devices, even when taken from official stores, saying: "Users shouldn't rely on the app stores for their protection, and implement additional security measures on their mobile device, just as they use similar solutions on their PCs."

Google was approached for comment.

This article originally appeared at IT Pro.

Copyright © ITPro, Dennis Publishing
Tags:

Most Read Articles

You must be a registered member of Business IT to post a comment.
| Register

Poll

How long has your business been operating?
Up to 2 years
2-5 years
5-10 years
More than 10 years
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?