This Android Malware Secretly Roots Your Phone and Installs Programs

BY

Published 22 Jun 2016

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure

Android users, beware! A new type of malware has been found in legitimate-looking apps. That can root your phone secretly and install unwanted programs.
The malware, dubbed Godless, lurks on app stores, including Play. It targets devices running Android 5.1 Lollipop and earlier. Which accounts for more than 90 percent of Android devices, Trend Micro said in a blog post.
Godless hides inside an app that uses and exploits to try to root the OS on your phone. This creates admin access to a device, allowing unauthorized apps to be installed.
Godless contains various exploits to ensure it can root a device. It can even install spyware, Trend Micro said.
A newer variant can also bypass security checks at app stores like Play. Once the malware has finished rooting, it can be tricky to uninstall.
Trend Micro said it found various apps in Play that contain malicious code.

docs 3
The company said that the malicious apps we’ve seen that have this new remote routine range from utility apps. Like flashlights and Wi-Fi apps to copies of a popular game.
Some apps are clean but have a corresponding malicious version that shares the same developer certificate. The danger is that users install the pure app and then upgrade to the evil version without knowing.

Distribution of Affected Devices

So far, Trend says it has seen 850,000 affected devices. With almost half in India and more in other southeast Asian countries. Less than 2 percent were in the U.S.
In the light of downloading apps, regardless if it’s a utility tool or a popular game. Users should always review the developer. Trend said that unknown developers with very little or no background information may be the source of these malicious apps.
It’s also best to download apps from trusted stores such as Play or Amazon. And, of course, Trend recommends you buy some mobile security software.