Cyber Firm Warns Of Trojanized Malware Found In 20000 Android Apps; Expect More To Come

Cyber security firm Lookout has sounded the alarm bells anew, as it has recently found a "trojanized" form of malware in about 20,000 android apps.

Among the popular applications that have been "infected" by this malicious adware are Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others, according to Michael Bentley of Lookout.

Bentley explained that the creators of this malware have "re-packaged" and injected the malicious code into thousands of Google play applications, which later on have found their way into third-party app stores.

Surprisingly, the targeted apps have so far remained functional despite the adware being downloaded into the affected devices.

But with this latest kind of trojanized malware which has been found in 20000 android apps, it is now possible to install third party applications without the consent of users.

This poses a huge security risk for enterprises and individuals alike, as other app developers can have root access to the same devices and files which are even outside the latter's domain.

For a year, Lookout conducted a study on three interconnected families of malware which included Shuanet, Shiftybug and and Ghostpush.

The study revealed that Shuanet "auto roots" the device and hides in the system directory, Shiftybug installs secondary payload applications, while Ghostpush has been identified as another type of trojanized malware.

As compared to older kinds of malware, which were obnoxious and therefore fairly easy to spot, the trojanized malware found in 20,000 android apps cannot be easily detected, as it silently works in the background.

But what is most worrisome about this new type of adware is that it not only hides itself very well in the root, but can no longer be uninstalled from the device it has wormed itself into.

This leaves owners with two choices: seek professional help to remove the malware, or buy a new device altogether.

Meanwhile, the message board of Ars Technica was inundated with comments from members who gave their views on the trojanized malware that have been found in 20,000 android apps.

deus01 posted, "Just another reminder that you should either steer clear of 3rd Party App Stores or know how to be careful (e.g. by using more reputable 3rd party App Stores like F-Droid/Amazon)."

"As always, the #1 thing you can do to keep your phone clean is not install random crap from Chinese and Russian (or other) pirate app 'stores'. Always worked for me," oldtaku shared.

"Unless the exploits are somehow overwriting the bootloaders, how is a reflash the system ROM from recovery not all that is required to remove the malware?" sryan2k1 asked.

Aside from Lookout, many cyber-security experts believe that the trojanized malware found in 20,000 android apps is only the tip of the iceberg, as other more sophisticated adware are expected to be released.

Join the Discussion

Latest News

Real Time Analytics