'Godless' Malware Is Attacking Android Devices

...

Researchers at Trend Micro recently discovered new Android-based malware called Godless, which targets devices running Android Lollipop or earlier.

As Trend Micro points out, that covers almost 90 percent of Android devices.

"Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide," the company said in a statement.

According to Trend Micro, Godless uses a framework called "android-rooting-tools" to gain root access to Android-based devices. From there, the malware phones home and receives instructions from its creators. Trend Micro says Godless often surreptitiously downloads unwanted apps, and is capable of displaying malicious ads. It can also install backdoors and "spy on users," the researchers say.

Godless has evolved, researchers said. "Recently, we came across a new Godless variant that is made to only fetch the exploit and the payload from a remote command and control (C&C) server," they said. "We believe that this routine is done so that the malware can bypass security checks done by app stores, such as Google Play."

Trend Micro points to an app known as Summer Flashlight as one that was malicious; it does not appear to be live in Google Play anymore.

"We have also seen a large amount of clean apps on Google Play that has corresponding malicious versions—they share the same developer certificate—in the wild," Trend Micro says. "The versions on Google Play do not have the malicious code. Thus, there is a potential risk that users with non-malicious apps will be upgraded to the malicious versions without them knowing about apps' new malicious behavior."

That is a violation of the Google Play's terms and conditions, Trend Micro notes.

Looking ahead, Trend Micro warned Android users to "review the developer" when downloading apps. "Unknown developers with very little or no background information may be the source of these malicious apps," it wrote.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Tesla's Future Plans: Trucks, Solar Batteries, Ride-Sharing

    It calls for the company to expand into self-driving semi trucks, roof-mounted solar batteries, and ride-sharing initiatives.In his post, Musk restated his opinion that in order to quickly progress, SolarCity, of which he is chairman and a major shareholder, should become integrated -- meaning acquired by -- Tesla.
  • 5300c769af79e

    Data Products: 9 Best Practices To Minimize Risk

    The path to success isn't always obvious, however, so here are a few best practices to keep in mind.Essentially, we're leveraging all the data that's available out there and aggregating data to create unique value and solutions that up until today were not possible.
  • 5300c769af79e

    Verizon's National Trade-In Event Kicks Off Today, Up to $300 for Your Used Smartphone

    Starting today, existing customers on Verizon or those looking to make the switch to Big Red can get up to $300 when they trade-in their existing smartphone.Better yet, even if your current smartphone has a cracked screen, Verizon will offer you a DROID Turbo 2 or DROID MAXX 2.
  • 5300c769af79e

    These are the Top Allo Suggestions You Made to Google

    Since launching Allo a few weeks back, the Allo team at Google has been compiling the suggestions you have submitted that you think could help improve the smart messaging app.Googler and Allo co-lead, Justin Uberti, took to Twitter last night to share the top suggestions, though he was quick to make it clear that this is just a list of suggestions, not a list of future features they plan to include.