Android users beware! A new type of Android malware has been discovered that cannot be removed. Experts are recommending infected users simply buy a another phone entirely.
Researchers have discovered a new type of Android malware in over 20,000 apps, posing as popular titles, including Facebook, Candy Crush, Snapchat, and more. The apps work fine – which is why many Android phone users do not realize at first that they’ve been hit. This makes the virus even more nefarious.
The virus enters people’s phones using apps downloaded from third party sites. The culprits, whoever they are, take a legitimate app from the Google Play store (which by the way, as of now is still perfectly safe), incorporate the adware into the app’s code, and serve it to third party vendors.
The malware was first found by the mobile security firm Lookout Security. The company has described virus as ‘trojanized adware’ and said it might be the heralding of a new wave of cybercriminal activity.
Once installed, the virus gains access to the phone’s system through the app’s auto-root function. From there, the app will force ads upon the Android user, generating a lot of money for the culprit. This is the reason why malicious people infect computers or phones with adware.
So far Lookout has found over 20,000 apps infected with adware. It says that adware viruses mostly fall into one of three categories: Shedun, Shuanet and ShiftyBug. Although they are usually independently written, the advent of this sort of “auto-rooting adware” is “a worrying development in the Android ecosystem”.
“For individuals, getting infected with Shedun, Shuanet and ShiftyBug might mean a trip to the store to buy a new phone. Because these pieces of adware root the device and install themselves as system applications, they become nearly impossible to remove, usually forcing victims to replace their device in order to regain normalcy,” said Michael Bently of Lookout Security
Even factory resetting your phone may not be enough to remove the virus. Some techies have said that reflashing the ROM chip of the phone may be effective but most people do not have the technical prowess to do that.
Many are worried that the malware or others like it may be able to gain access to sensitive corporate or government information by penetrating a phone’s security.
“In this rooted state, an everyday victim won’t have the proper interface to control what apps on the phone request root access. The problem here is that these apps may gain access to data they shouldn’t have access to, given their escalated privileges,” said Lookout Security.
The most infected Android community so far is the United States, followed by Germany. Other countries that have been hit hard include Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia.
Android is currently scrambling to do damage control. For anyone with an Android phone, the best recourse at the moment is to only download apps from the Google Play Store.
“We believe more families of adware trojanizing popular apps will emerge in the near future and look to dig its heels into the reserved file system to avoid being removed,” predicts Lookout Security.