'Godless' Malware Is Attacking Android Devices

...

Researchers at Trend Micro recently discovered new Android-based malware called Godless, which targets devices running Android Lollipop or earlier.

As Trend Micro points out, that covers almost 90 percent of Android devices.

"Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide," the company said in a statement.

According to Trend Micro, Godless uses a framework called "android-rooting-tools" to gain root access to Android-based devices. From there, the malware phones home and receives instructions from its creators. Trend Micro says Godless often surreptitiously downloads unwanted apps, and is capable of displaying malicious ads. It can also install backdoors and "spy on users," the researchers say.

Godless has evolved, researchers said. "Recently, we came across a new Godless variant that is made to only fetch the exploit and the payload from a remote command and control (C&C) server," they said. "We believe that this routine is done so that the malware can bypass security checks done by app stores, such as Google Play."

Trend Micro points to an app known as Summer Flashlight as one that was malicious; it does not appear to be live in Google Play anymore.

"We have also seen a large amount of clean apps on Google Play that has corresponding malicious versions—they share the same developer certificate—in the wild," Trend Micro says. "The versions on Google Play do not have the malicious code. Thus, there is a potential risk that users with non-malicious apps will be upgraded to the malicious versions without them knowing about apps' new malicious behavior."

That is a violation of the Google Play's terms and conditions, Trend Micro notes.

Looking ahead, Trend Micro warned Android users to "review the developer" when downloading apps. "Unknown developers with very little or no background information may be the source of these malicious apps," it wrote.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Google Play Gets "Family Library," so You Can Share Purchases With Up to 6 People

    Today, Google is introducing the Google Play Family Library, giving families the opportunity to share purchases from Google Play across accounts, so that everyone always has access to movies, TV shows, apps, games, and books.As noted above, if opted-in, you will be able to share “eligible” apps, games, movies, TV shows, and books with up to six (6) family members.
  • 5300c769af79e

    iPhone 6 Owners Sue Apple Over 'Touch Disease'

    According to a class-action suit, filed last week in California, the company concealed a material design defect that causes iPhone 6 and 6 Plus touch screens to become unresponsive.Citing iPhone repair pros, teardown experts iFixit last month reported a slew of problems caused by a strain on the handset's internal touch-screen chips.
  • 5300c769af79e

    DEAL: Save $5 on Chromecast and Chromecast Audio

    The dongles I’m talking about are the Chromecast and Chromecast Audio of course, two products from Google that turn TVs and speakers into Cast-ready devices for modern day stream-a-thons.With a $5 discount, you are looking at spending just $30 for each.
  • 5300c769af79e

    Google Lists More Places to Find Android TV, Changes for Android N

    Not only did Google explain where potential Android TV users could find the platform in new 2016 TV and set-top hardware from various companies, but also explained a few changes we will see once Android N hits the platform.If buying a new TV with Android TV baked in sounds like the best way to get your fix, Google states that new sets from Sony (2016 BRAVIA line) and RCA will have Android TV built in.