1. Mobile

Watch out! This Android malware melds to your OS, and is near impossible to delete

By

history of malware android
Security company Lookout is warning Android device owners about a new type of malware app, which not only secretly roots your phone, but also installs itself as a system application — making it extremely difficult to remove. How difficult? If you’re not technically inclined enough to entirely replace the ROM, then a brand-new phone may be the easiest way to escape its clutches.

Lookout refers to the virus as trojanized adware, and it’s hiding inside apps that appear to be legitimate versions of very popular apps, including Facebook, Twitter, Candy Crush, NYTimes, Google Now, Snapchat, and WhatsApp. The company has even seen compromised versions of two-step authentication app Okta.

However, before you start desperately trying to uninstall those apps from your phone, the malware-infected versions aren’t the originals, and have only been discovered in third-party app stores, not Google Play. If you’ve only been playing inside Google’s store, then you should be fine.

The infected apps are very clever. Lookout has detected 20,000 examples, and most work in exactly the same way as the apps they copy, making it more difficult for you to detect and therefore, less likely to try and uninstall it. With root access to your phone, the app becomes ingrained in the OS, which is how it becomes almost impossible to delete. Once up and running, ads will be pushed to your phone, and worse, apps can be downloaded and installed without your consent. Why? Because delivering ads and installing apps make the attackers money.

Apps infected with the trojans — known as Shuanet, Kemoge/ShiftyBug, and Shedun/GhostPush — have been discovered in many parts of the world, with the U.S, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia being the worst hit, according to the report. Lookout warns this type of adware attack will only get more sophisticated, and make better use of root access to a phone, over time.

If you’ve been downloading apps from Android app stores other than Google Play (Amazon is probably safe too), and are worried you may have fallen victim to the trojanized adware, there’s a sure way to find out. Remember, the infected apps almost certainly cannot be uninstalled. If you can drag and uninstall the app, chances are it’s fine. Lookout doesn’t provide a complete list of apps that have been targeted by the malware, but does say it’s popular “first-tier” apps that are repackaged and sent out.

Editors' Recommendations

How to download music from YouTube

How to use Plex to manage and play all of your media, everywhere

plex-roku-1

How to turn your old phone into a security camera

How to switch from iPhone to Android: The ultimate guide

Google Pixel 4 and 4 XL Hands on

4G vs. LTE: The differences explained

AirPods Pro, Samsung Galaxy Buds discounted for Memorial Day

man wearing wireless earbuds

5 tablet deals you can’t afford to miss this Memorial Day

5 Microsoft Surface deals you can’t afford to miss this Memorial Day

Best Memorial Day iPad Sales 2020: iPad 10.2 and iPad Pro

5 Apple deals you can’t afford to miss this Memorial Day

The 5 best tech deals in the Best Buy Memorial Day Sale

iPad 10.2-inch slide over multiple

Now is your last chance to get the Apple Watch Series 5 at its lowest-ever price

apple airpods watch series 5 deals best buy bh photo spring sale review hero 2 768x768

The 5 best tech deals in the Amazon Memorial Day Sale

amazon kindle

Best Memorial Day Sales 2020: The deals are rolling in

How to unlock your iPhone to use it with another carrier