Million of users hit by Malware

MILLIONS of mobile gamers have been hit with malware after mistakenly downloading tips and guides for popular mobile games, including Pokemon Go and FIFA Mobile. Here's how to avoid the terrifying new virus.

Millions of mobile gamers have been tricked into downloading game guides laced with malware.

Dubbed FalseGuide, was hidden in more than 40 apps in the Google Play Store disguised as guides for hugely-popular mobile games, including Pokémon Go and FIFA Mobile.

When smartphone players downloaded the fraudulent game guide to their Android phone – the app would install malware and create a "silent botnet" out of the infected devices.

This allowed hackers to harness the collective power of all the infected phones without ever alerting the device owners.

FalseGuide request admin permissions upon instalment, which prevents victims from deleting the fake game guide from their device.

According to researchers at CheckPoint, cybercriminals have been using this scam since November 2016.

Since then,

That's a terrifyingly large network of infected phones.

Thanks to its wide-ranging permissions, FalseGuide is able to download additional malware to the infected device, Check Point claims.

Depending on the cybercriminals' objectives, that malware can be used to root the device – gaining access to the smartphone owners' personal data, remotely conduct a DDoS attack, or penetrate private networks.

"The apps were uploaded to the app store as early as November 2016, meaning they hid successfully for five months, accumulating an astounding number of downloads," CheckPoint researchers Oren Koriat, Andrey Polkovnichenko and Bogdan Melnyko wrote in a blog post.

"The updated estimate now includes nearly 2 million infected users." 

The official blog adds: "Mobile botnets are a growing trend since early last year, growing in both sophistication and reach.

"This type of malware manages to infiltrate Google Play due to the non-malicious nature of the first component, which only downloads the actual harmful code.

"Users shouldn’t rely on the app stores for their protection, and implement additional security measures on their mobile device, just as they use similar solutions on their PCs."

CheckPoint has already alerted Google to the malware – and the US search company swiftly ditched the fake game guides from the Play Store.

Earlier this month, two new fraudulent applications were uploaded to the Play Store containing the FalseGuide malware.

CheckPoint notified Google again, and the apps were removed.

Those who have downloaded a fake game guide containing the FalseGuide malware need to remove the software immediately.

To ensure the app is successfully deleted, head to your Android device's settings menu and revoke the app from its "Device Admin" privileges.

Once this has been revoked, the FalseGuide app can be removed successfully.

參考來源