Security researchers have come across Android malware, which masquerades as well-known applications but then exposes your phone to root attacks. It is reportedly virtually impossible to remove.
The malware has been found in software available on third-party app stores. The apps in question use code from official software that you can download from Google Play like Facebook and Twitter, reports Ars Technica, so they initially seem innocuous and even provide the exact same functionality.
But in fact they’re injected with malicious code, which allows them to gain root access to the OS. In turn, a series of exploits are installed on the device as system applications, which makes them incredibly hard (for most people, impossible) to remove.
Mercifully, the three types of observed malware, known as Shedun, Shuanet, and ShiftyBug, don’t seem to do much other serve ads. But their OS privileges mean that they could in theory be exploited to gain access to your private data.
The spread of the malware seems to have been automated: the team’s already seen over 20,000 of the modified apps, notably in the US, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico, and Indonesia. There are currently no signs that the malware has made its way to the official Play Store. So, for now, it just pays to be careful if you go downloading apps from third-party stores. [Lookout via Ars Tecnica]
Image by SimonQ錫濛譙 under Creative Commons licence.