Why it matters to you
If you phone gets infected with this malware, not only could you get unwanted ads, but you could also be vulnerable to other attacks.
While Google has been pushing monthly security updates, manufacturers like Samsung unfortunately often delay on pushing these updates to customers. The result? According to Google, half of Android devices did not receive security updates in 2016. That’s particularly problematic when malware like FalseGuide shows up, as it gives that malware an opportunity to take advantage of more unprotected phones.
“FalseGuide creates a silent botnet out of the infected devices for adware purposes. A botnet is a group of devices controlled by hackers without the knowledge of their owners,” says Check Point in a blog post. “The bots are used for various reasons based on the distributed computing capabilities of all the devices.”
Issues arise when the apps are downloaded, after which they’ll request administrator permissions, which can then be used against the owner of the phone. For now, it appears as though those permissions allow the app to deliver “illegitimate pop-up ads out of context,” but they could also be used to instigate DDoS attacks.
The malware was first discovered a few days ago, and appeared in a hefty 44 game guide apps. Those apps were since removed, but another five apps with the malicious code were then discovered. Scarily enough, some of these apps were uploaded as early as November 2016 — so they stayed on the Google Play Store for around 5 months before being taken down. As far as users impacted by the malware, Check Point estimates between 500,000 to 1.8 million users. Thankfully, of the 49 infected apps, 28 of them were downloaded less than 10 times and seven of them were apparently never downloaded.
It’s unlikely the Google Play Store will ever be totally safe — but it is the safest place to download Android apps. For now, it’s important to download only official apps, and stick with the ones that you trust.