More Than 50% of Android Phone Are Still Vulnerable to Ghost Push Malware

By Tom Pritchard on at

It's been quite some time since the world became aware of the Ghost Push trojan, and it turns out more than half the Android phones in use are still at risk. Why? Because they haven't been updated to newer versions of the OS yet.

Ghost Push is able to infect devices running Android Lollipop or lower, which accounts for a whopping 57% of Android devices currently in use. Any devices running Marshmallow or Nougat are safe, but the nature of Android means there are far fewer devices running the newer software.

Researchers at mobile security firm Cheetah Mobile claim that most infections come from pirated or open-source apps installed from somewhere other than Google Play, and that the Ghost Push family "represent most infections". The firm also claims that porn sites and deceptive advertising also play a part in helping the malware spread. I'd directly link to their report, but the website got flagged by my own anti-virus software. That's rather unfortunate for them.

Once installed, Ghost Push will display deceptive or pornographic pages, promote sites that install even more malware, push adverts into the notification bar, and attempt to trick users into paying for malicious services.

To avoid infection Cheetah Mobile recommends only downloading apps from Google Play, and avoiding clicking links to unknown third-party websites. It's also a good idea to update to newer versions of Android, if that's possible, and install an anti-virus app for added protection. [TechRadar]