Lookout has come across a new miscreant adware that has a clever knack of rooting your device after installing it, after which it entrenches itself in the form of a system application, making it immune to any normal means of getting rid of it, including factory resetting.

This seems to be a new advanced version of typical adware that has an annoying tendency of pushing ads to the user. The fact that it has root access doesn’t need to be much of a nuisance to the user since many users will probably be oblivious of any infection in their devices. The features of this adware make it a unit of Trojan viruses.

As discovered by Lookout, this Trojan unit hides inside normal apps such as Google Now, Candy Crush, Facebook, Okta, Whatsapp and so much more. Infected versions of these apps are not found on Google Play Store but on third party platforms. Since most encounters with this malware leave no evident effects on the host app, many users will hardly notice it and will go on using their devices as usual for quite some time before any weird behaviours from their phones come to their attention.

QUICK NOTE: Free firmware downloads are made possible thanks in part to OVH Hosting & Dedicated Servers – Updato's #1 choice for hosting and storage solutions! Show your support and check 'em out.

The seriousness of the effects of this malware is that it cannot be removed easily and in most cases, the user will be compelled to buy a new phone since it is immune to almost every knack of getting rid of it. Infected devices are at risks of identity theft and fraud since the designers of this malware have the power in their hands to do anything they wish, leaving you and your device at their mercy. Nobody would want to be a puppet to some villain mind somewhere, thus you’ll be compelled to buy a new phone altogether.

Three families of this kind of Trojan malware have been identified: Shuanet, ShiftyBug/Kemoge and GhostPush. Despite coming from different designers, it has been discovered that 77% of the coding of these malwares is similar, meaning that even if the designers of these ills are not working together at this, they are at least aware of one another’s existence. The most rampant infection rates have been reported in Germany, the United States, Iran, India, Russia, Jamaica, Brazil, Sudan, Indonesia and Mexico.

Android devices have been affected by so many malwares of this kind. Probing into this matter, one might be tempted to think that this is due to the easy way matters are being handled when it comes to making of smartphones where no much seriousness is put into the security updates as well as poor support among other things. This easy carefree attitude around the smartphone ecosystem has subjected Android devices to quite a number of security vulnerabilities. This is where Android OEMs come into question. That’s food for thought though.

Since this seems to be such a serious form of malware whose effects are almost irreversible, the only way to stay safe it is sticking to trusted platforms such as Google Play Store faithfully since the malware is found on third party stores, most of which are not focused on the security of apps as much as the traffic of apps on the platform.

View Comments


unlock your phone

Easily and safely unlock your phone for any network provider in just minutes.

Get Started

LATEST FROM YOUTUBE:

What's my model number?

There are several ways to locate your model number:

Option 1
On your device, go to Settings, then "About device" and scroll down to "Model number"
Option 2
Often times you can view the model number inside the device, by removing the battery
Option 3
Using Samsung's model/serial number location tool

Looks like you're using an ad blocker.

We get it: ads aren't what you're here for...

But ad revenue is our only way to manage this site. Without ad revenue we won't be able to continue to provide quality content and free firmware downloads.

Please disable your ad blocker or whitelist Updato.com in order to continue into Updato's ad-light experience.

Thanks for your support!