Lookout has come across a new strain of adware that roots your device once it is installed and then entrenches itself as a system application, making it immune to the normal means of removal, including a factory reset.
This seems to be a new, advanced version of typical adware, which has an annoying tendency to push ads to the user. Its root access need not be much of a visible nuisance, since many users will probably be oblivious to any infection on their devices. The features of this adware put it in the Trojan category.
As discovered by Lookout, this Trojan hides inside normal apps such as Google Now, Candy Crush, Facebook, Okta, WhatsApp and many more. Infected versions of these apps are not found on the Google Play Store but on third-party platforms. Since most encounters with this malware leave no evident effects on the host app, many users will hardly notice it and will go on using their devices as usual for quite some time before any strange behaviour from their phones comes to their attention.
What makes this malware serious is that it cannot be removed easily. In most cases the user will be compelled to buy a new phone, since it is immune to almost every means of getting rid of it. Infected devices are at risk of identity theft and fraud, since the designers of this malware have the power to do anything they wish, leaving you and your device at their mercy. Nobody would want to be a puppet of some villain somewhere, so you’ll be compelled to buy a new phone altogether.
Three families of this kind of Trojan malware have been identified: Shuanet, ShiftyBug/Kemoge and GhostPush. Although they come from different designers, 77% of the code in these families has been found to be similar, meaning that even if the designers are not working together, they are at least aware of one another’s existence. The highest infection rates have been reported in Germany, the United States, Iran, India, Russia, Jamaica, Brazil, Sudan, Indonesia and Mexico.
Android devices have been affected by a great deal of malware of this kind. Probing into the matter, one might be tempted to think that this is due to the lax way smartphones are made, with little seriousness put into security updates and with poor support, among other things. This carefree attitude around the smartphone ecosystem has subjected Android devices to quite a number of security vulnerabilities. This is where Android OEMs come into question. That’s food for thought, though.
Since this seems to be such a serious form of malware whose effects are almost irreversible, the only way to stay safe is to stick faithfully to trusted platforms such as the Google Play Store. The malware is found on third-party stores, most of which are focused less on the security of apps than on the traffic of apps on the platform.