Tuesday, March 19, 2024

Nearly 2 Million Android User Attacked by “FalseGuide” Malware in Google Play Store – Beware

[jpshare]A New Malware called “FalseGuide” Attacked Google Play Store users Nearly 2 Million Android User Infected along with Five additional apps and hide itself in Play store Almost 5 months since Nov 2016.

Earlier Stage of this Malware Reached over 50,000 Installations, and hidden with 40 guide apps for games.

“FalseGuide” Malware developed by Russian  “Анатолий Хмеленко.”(Anatoly Khmelenko)  who Specially Target the game Downloaders in Google Play Store .

Latest Discovered malware in google play such as MilkyDoor ,Bankbot are having Capability of infect the Enterprise Network and spreading  botnet to Android users ,same as FalseGuide also not much Different for those Play store malware.

According to the Checkpoint Researchers ,FalseGuide creates a silent botnet out of the infected devices for adware purposes and silently control the infected users Android Mobile by Hackers without their knowledge.

Checkpoint said ,FalseGuide requests an unusual permission on installation – device admin permission. The malware uses the admin permission to avoid being deleted by the user, an action which normally suggests a malicious intention. The malware then registers itself to a Firebase Cloud Messaging topic which has the same name as the app.

 FalseGuide DDoS attack Capability:

“FalseGuide” display illegitimate pop-up ads in victims Mobiles by using background services when Device Starts Booting and its will gain the root access and then taking control the victims device for doing Botnet activities .

Even more “FalseGuide” Hijack the Mobile Network and Performing DDoS attack to infected Networks.

Major Reason for  FalseGuide infection:

  1. Checkpoint Researchers explained, First, guiding apps are very popular, monetizing on the success of the original gaming apps.

2. Second, guiding apps require very little development and feature implementation.

This The malicious apps were submitted under the names of two fake developers – Sergei Vernik and Nikolai Zalupkin who is Belongs to Russia.

Checkpoint Team Finally Reported to Google Security team and it was swiftly removed from the app store.

Also Read :

Mass Scan Revealed More Than 30000 Windows Computers Infected by NSA backdoor DoublePulsar

Creating and Analyzing a Malicious PDF File with PDF-Parser Tool

Google strengthen it’s defence against Ransomware to Attack Android

Website

Latest articles

Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data

The ongoing "free wedding invite" scam is one of several innovative campaigns aimed at...

Hackers Using Weaponized SVG Files in Cyber Attacks

Cybercriminals have repurposed Scalable Vector Graphics (SVG) files to deliver malware, a technique that...

New Acoustic Keyboard Side Channel Attack Let Attackers Steal Sensitive Data

In recent years, personal data security has surged in importance due to digital device...

Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks

A critical vulnerability was discovered in two plugins developed by miniOrange.The affected plugins,...

ShadowSyndicate Hackers Exploiting Aiohttp Vulnerability To Access Sensitive Data

A new Aiohttp vulnerability has been discovered, which the threat actor ShadowSyndicate exploits.Aiohttp...

Hackers Launching AI-Powered Cyber Attacks to Steal Billions

INTERPOL's latest assessment on global financial fraud uncovers the sophisticated evolution of cybercrime, fueled...

Fujitsu Hacked – Attackers Infected The Company Computers with Malware

Fujitsu Limited announced the discovery of malware on several of its operational computers, raising...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles