Lookout Finds Android Malware That’s Almost Impossible To Remove

San Francisco-based mobile security company Lookout said it has uncovered a new threat to the Android operating system the form of malware that disguises itself as a variety of well-known apps -- but that actually exposes devices to root attacks and is virtually impossible to remove.

The new malware has been found in software available from third-party app stores. The malware program insinuates himself in legitimate applications such as Twitter, Facebook, Snapchat Candy Crush, Google Now and WhatsApp. Lookout said it was able to identify and isolate about 20,000 malware samples in mobile applications.

Since the malware-infected versions of the apps have only been discovered in copies from third-party app stores, apps acquired from the Google Play Store should be free from the malware.

Perfect Copy

Most of the infected apps work in exactly the same way as the apps they copy, which means detecting the bad ones -- and therefore knowing which ones to uninstall -- is almost impossible for untrained users. With root access to a phone, the app can download automatically and become ingrained in the phoneEUs operating system, making it extremely difficult to delete. Once the infected app runs, it pushes ads to the userEUs phone.

Unlike previous types of adware that were apparent to all users and easily uninstalled, the new type of adware is dangerous because it works in the background, Lookout said. Because the malware canEUt be uninstalled by most users, the company said the primary options for those whose devices have been infected with the malware are either to take their devices to IT professionals or give up and buy new ones.

Lookout said the act of rooting the devices creates additional security risks for enterprises and individuals. Since other apps can get root access to the infected devices, they also get unrestricted access to files outside...

Comments are closed.