An unremovable Android malware
Security researchers have come across a new type of Android malware exposing your phone to root attacks and making it impossible to remove from the system. The new malware has been found in software available on third-party app stores.
These apps uses code from official software which can be downloaded from Google Play Store which resembles the exact same functionality. But in fact they're injected with malicious code, which allows them to gain root access to the OS. In turn, a series of exploits are installed on the device. Mercifully, the three types of observed malware, known as Shedun, Shuanet, and ShiftyBug, don't seems to do much other than display ads at the moment. But their OS privileges mean that they could in theory be exploited to gain access to your private data.
The spread of the malware seems to have been automated: the team's already seen over 20,000 of the modified apps, notably in the US, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia. So, for now, just be careful if you go downloading apps from third-party stores.
"Unlike older types of adware that were obvious and obnoxious, prompting users to uninstall them, this new type of adware is silent, working in the background," Lookout says.
"We work to make sure that all apps available on Google Play pass stringent policy checks, including checks for potentially harmful behavior," says Google.
Comments
Post a Comment