Security researchers have come across a new kind of Android malware, which purports to be a well-known app but then exposes your phone to root attacks—and is virtually impossible to remove.
The new malware has been found in software available on third-party app stores. The apps in question use code from official software that you can download from Google Play like Facebook and Twitter, reports Ars Technica, so they initially seem innocuous and even provide the exact same functionality.
But in fact they’re injected with malicious code, which allows them to gain root access to the OS. In turn, a series of exploits are installed on the device as system applications, which makes them incredibly hard—for most people, impossible—to remove.
Mercifully, the three types of observed malware, known as Shedun, Shuanet, and ShiftyBug, don’t seems to do much other than display ads at the moment. But their OS privileges mean that they could in theory be exploited to gain access to your private data.
The spread of the malware seems to have been automated: the team’s already seen over 20,000 of the modified apps, notably in the US, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia. There are currently no signs that the malware has made its way to the official Play Store. So, for now, you it just pays to be careful if you go downloading apps from third-party stores.
Image by SimonQ錫濛譙 under Creative Commons license.