Connect with us

Hi, what are you looking for?

Tech & Science

Thousands of Android apps infected with ‘unremovable’ malware

ZDNet reports that the malware was discovered by mobile security specialists Lookout Security. The criminals are taking official apps from Google Play, extracting the downloaded package and modifying the code to include malicious components before uploading it to a third-party app store. The app will continue to look like the official version and will usually operate as normal. Behind the scenes, the malicious code planted by the hacker is being run.
This code roots the device as it is installed from the third-party store by the user. It then obtains system-level access and begins injecting advertisements into as much on-screen content as it can find, making its creators some serious money in the process. It runs silently in the background and is virtually impossible to remove without seeking professional help or performing a complete system reset.
Lookout Security has found over 20,000 repackaged apps carrying the malware on third-party app stores. Titles including Facebook, Twitter, WhatsApp and Snapchat are affected. The researchers say antivirus apps appear to have been specifically excluded as hosts, indicating the hackers are carefully planning their attacks. The thousands of apps that are being repackaged are generated programmatically by command-and-control servers.
Three distinct families of trojanized adware have been found. They are called Shedun, Shuanet and ShiftyBug and appear to be created by different authors who are associated “in some capacity.” There is a high level of code similarity between all three with some variants sharing as much as 82 percent of their code.
Lookout believes more families are likely to emerge in the future and that trojanized adware will continue to grow and gain firmer holds on the devices it infects. The company said: “We expect this class of trojanized adware to continue gaining sophistication over time, leveraging its root privilege to further exploit user devices, allow additional malware to gain read or write privileges in the system directory, and better hide evidence of its presence and activities.”
The majority of Android users can at least find some relief as all the apps identified so far are hosted on third-party app stores. There is currently no indication that the adware has infected titles on Google’s official Play Store which remains the safest place to download new apps.

Written By

You may also like:

Tech & Science

Under new legislation that passed the House of Representatives last week, TikTok could be banned in the United States.

Social Media

Wanna buy some ignorance? You’re in luck.

Life

Platforms like Instagram and Pinterest often suggest travel destinations based on your likes and viewing habits.

Business

United Airlines CEO Scott Kirby said the carrier was reviewing recent incidents and would redouble safety initiatives as needed - Copyright AFP Logan CyrusUnited...