
Guerilla

Posted: December 12, 2019

Guerilla is the name of an Android Trojan that has been used frequently in campaigns whose purpose is to inflate the download counts and ratings of applications on the Google Play Store artificially. What is even more peculiar is that copies of the Guerilla backdoor were initially distributed via legitimate-looking applications hosted on the official Google Play Store itself, a clear sign that the threat actors behind the project were able to bypass Google's security checks. According to reports from cybersecurity researchers, the applications in question did not contain the full Guerilla payload; instead, they served as downloaders. When launched, they connected to a remote Command & Control server, retrieved Guerilla's payload and executed it on the compromised device.

Once the Guerilla backdoor is active, it generates a significant amount of network traffic, although this is likely to go unnoticed by most users. The threat consumes so much data because it continuously downloads and installs applications from the Google Play Store, gives them positive ratings and then deletes them. This cycle is repeated many times, and this form of click-fraud appears to be the primary purpose of the backdoor.
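The install-rate-remove cycle described above leaves a trace that is easy to spot if package install and uninstall events are recorded: many packages that live on the device for only a few minutes, in quick succession. The following is an added example written for this page, not code from the original article or from any Guerilla sample. It assumes a simplified, constructed event log of the form "<ISO timestamp> INSTALL|UNINSTALL <package>" rather than any real Android log format, and the thresholds (ten minutes of lifetime, three short-lived installs per hour) are illustrative assumptions.

```python
"""Detect install/uninstall churn of the kind Guerilla produces.

Added example, not the page's own code. The log format below is a constructed
simplification ("<ISO timestamp> INSTALL|UNINSTALL <package>"), not real
Android PackageManager or logcat output; thresholds are assumptions.
"""
from collections import deque
from datetime import datetime, timedelta

# Constructed sample log: one ordinary app kept for hours, four apps that were
# installed and removed within minutes of each other.
SAMPLE_LOG = """\
2019-12-10T09:00:01 INSTALL com.example.weather
2019-12-10T09:00:45 INSTALL com.example.gameone
2019-12-10T09:03:10 UNINSTALL com.example.gameone
2019-12-10T09:03:30 INSTALL com.example.gametwo
2019-12-10T09:06:02 UNINSTALL com.example.gametwo
2019-12-10T09:06:20 INSTALL com.example.gamethree
2019-12-10T09:08:55 UNINSTALL com.example.gamethree
2019-12-10T09:09:10 INSTALL com.example.gamefour
2019-12-10T09:11:40 UNINSTALL com.example.gamefour
2019-12-10T12:00:00 UNINSTALL com.example.weather
"""


def parse_events(text):
    """Parse log lines into (timestamp, event, package) tuples, sorted by time."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        stamp, event, package = line.split()
        events.append((datetime.fromisoformat(stamp), event.upper(), package))
    events.sort(key=lambda item: item[0])
    return events


def package_lifetimes(events):
    """Pair each INSTALL with the next UNINSTALL of the same package.

    Returns (package, install_time, lifetime) tuples sorted by install time;
    lifetime is a timedelta, or None if the package is still installed at the
    end of the log.
    """
    pending = {}
    lifetimes = []
    for stamp, event, package in events:
        if event == "INSTALL":
            pending[package] = stamp
        elif event == "UNINSTALL" and package in pending:
            installed_at = pending.pop(package)
            lifetimes.append((package, installed_at, stamp - installed_at))
    for package, installed_at in pending.items():
        lifetimes.append((package, installed_at, None))
    lifetimes.sort(key=lambda item: item[1])
    return lifetimes


def find_churn(events, max_lifetime=timedelta(minutes=10),
               window=timedelta(hours=1), min_count=3):
    """Return one alert per burst of >= min_count short-lived installs.

    A short-lived install is one removed within max_lifetime. A sliding window
    over install times is kept in a deque; an alert records the earliest install
    in the window and every package in it, and grows while the burst continues.
    """
    short_lived = [(pkg, at) for pkg, at, life in package_lifetimes(events)
                   if life is not None and life <= max_lifetime]
    alerts = []
    recent = deque()
    for pkg, at in short_lived:
        recent.append((pkg, at))
        while recent and at - recent[0][1] > window:
            recent.popleft()
        if len(recent) >= min_count:
            packages = [p for p, _ in recent]
            if alerts and alerts[-1]["start"] == recent[0][1]:
                alerts[-1]["packages"] = packages  # same burst, extend it
            else:
                alerts.append({"start": recent[0][1], "packages": packages})
    return alerts


if __name__ == "__main__":
    for alert in find_churn(parse_events(SAMPLE_LOG)):
        print(f"churn burst starting {alert['start'].isoformat()}: "
              f"{len(alert['packages'])} short-lived installs")
        for package in alert["packages"]:
            print("  ", package)
```

On the constructed log this reports a single burst beginning at the first short-lived install and listing all four throwaway packages, while the weather app, which stays installed for almost three hours, is ignored. The same logic applies to any per-package install/remove event source; only `parse_events` would need adapting to the real format.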

The Guerilla Trojan is Used to Boost the Rating of Play Store Applications Artificially

Although the Guerilla Trojan focuses on click-fraud, it also supports additional commands that the attacker's server can issue to an active copy of Guerilla, including instructions to download and deploy a further payload. This makes the Guerilla backdoor exceptionally dangerous, since it can introduce other high-profile malware onto the infected Android device.

To avoid problems with threatening Android programs like the Guerilla Trojan, you should invest in a reputable mobile security product. Furthermore, you should be extra careful about the applications you install on your phone, regardless of whether they come from the Google Play Store or an alternative source. As the Guerilla case shows, excellent ratings and a high download count are not necessarily proof that a program is trustworthy.
