Skip to main content

Watch out! This Android malware melds to your OS, and is near impossible to delete

Security company Lookout is warning Android device owners about a new type of malware app, which not only secretly roots your phone, but also installs itself as a system application — making it extremely difficult to remove. How difficult? If you’re not technically inclined enough to entirely replace the ROM, then a brand-new phone may be the easiest way to escape its clutches.

Lookout refers to the virus as trojanized adware, and it’s hiding inside apps that appear to be legitimate versions of very popular apps, including Facebook, Twitter, Candy Crush, NYTimes, Google Now, Snapchat, and WhatsApp. The company has even seen compromised versions of two-step authentication app Okta.

Recommended Videos

However, before you start desperately trying to uninstall those apps from your phone, the malware-infected versions aren’t the originals, and have only been discovered in third-party app stores, not Google Play. If you’ve only been playing inside Google’s store, then you should be fine.

The infected apps are very clever. Lookout has detected 20,000 examples, and most work in exactly the same way as the apps they copy, making it more difficult for you to detect and therefore, less likely to try and uninstall it. With root access to your phone, the app becomes ingrained in the OS, which is how it becomes almost impossible to delete. Once up and running, ads will be pushed to your phone, and worse, apps can be downloaded and installed without your consent. Why? Because delivering ads and installing apps make the attackers money.

Apps infected with the trojans — known as Shuanet, Kemoge/ShiftyBug, and Shedun/GhostPush — have been discovered in many parts of the world, with the U.S, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia being the worst hit, according to the report. Lookout warns this type of adware attack will only get more sophisticated, and make better use of root access to a phone, over time.

If you’ve been downloading apps from Android app stores other than Google Play (Amazon is probably safe too), and are worried you may have fallen victim to the trojanized adware, there’s a sure way to find out. Remember, the infected apps almost certainly cannot be uninstalled. If you can drag and uninstall the app, chances are it’s fine. Lookout doesn’t provide a complete list of apps that have been targeted by the malware, but does say it’s popular “first-tier” apps that are repackaged and sent out.

Andy Boxall
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
How to control which apps access your location on iOS and Android

 

Do you feel comfortable knowing that an invisible force follows you, shadowing your every move all day every day? It sees specific places you go and the duration of your stay. It follows your route around town and then your return back home. How, you ask? Through your smartphone and apps.

Read more
How to find out your Android phone’s model number
Samsung Galaxy S21 Ultra

Chances are you already know the make and model of the phone you own. Unless your smartphone was a hand-me-down from a friend or family member, you most likely bought it on the basis of it being a particular model with particular features. However, you may not be entirely sure of the specific model number of your phone. This number can vary even among the same type of phone, so that a Samsung Galaxy S21, for example, can have one of several different numbers.

Finding the exact model number can be necessary if you need to have your phone repaired or if you're selling your phone online and want to provide precise info to potential buyers. Either way, finding your Android phone's model number is pretty easy, and we explain how to do it in this article for a variety of Android phone manufacturers. We also explain the difference between your Android phone's model number and its serial number, as well as the difference between these and the IMEI number.

Read more
This one iPadOS 26 feature has me excited for the iPhone Fold
Semi-open state of a foldable iPhone concept

Samsung is set to launch the seventh generation of its Galaxy Z Fold book-style folding phone this Summer, but its biggest rival is yet to show its folding phone hand. Apple has long been expected to unveil an iPhone Fold, and the latest rumors suggest that it will launch next year.

I’ve used almost every folding phone released globally, with some exceptions for extremely obscure ones. While I've always been curious what an iPhone Fold would look like, I was fairly certain that Apple shouldn't build it, as I wasn’t sure they could deliver on one necessary feature.

Read more