It’s called FalseGuide and is just one of the latest malware scanned within the “safe area” of Google, namely the Play Store: as the name implies, this malware waits its prey within applications disguised as guides for Video games.
When installing fake guide on your device, here’s what FalseGuide comes into action, first requiring a particular privilege during installation; little attention or little knowledge causes many users to accept, and from here on the road the malware goes in action: it is impossible to uninstall the application, which is also able to download additional modules and install them on the device.
Unwanted advertisements that appear on the display, or worse DDoS (distributed denial of service) attacks or private network inputs, are some of the operations that these modules can accomplish.
A DDos in particular may have serious impact on your mobile or on your connection, this kind of attack consists in sending hundred thousands packets of data in a short interval of time. What happens then? The host is overloaded and it cannot handle all that stuff.
It happened a lot of times in the history and many web services adopted new ways to protect their infrastructures from these kind of attacks.
According to the Check Point study, malware would be present in over fifty applications on the Play Store, each with about 50,000 installations.
The company announced the discovery to Google that promptly removed the apps, but at the beginning of April there are two new apps on FalseGuide, fortunately already reported by Check Point to Google. We hope they will remove them as far as possible.
In short, the only way to safeguard your device from these risks is to pay attention to the applications we decide to install, and to read which permissions are required: if there is any doubt, it is best for you to discard the installation.