Check Point researchers have found new Android malware dubbed FalseGuide that has been part of 45 apps downloaded more than two million times from Google Play since November 2016.
This is not the first time the Play Store has contained infected apps, adware, fake apps, and more. Once notified by Check Point, Google quickly removed the apps.
The actual app is not infected and is a conduit to the command and control server that downloads the nasty bit.
That nasty bit creates a silent botnet out of the infected devices to serve adware. A botnet is a group of devices controlled by hackers without the knowledge of their owners.