In the last year been an unprecedented increase in the number of vulnerabilities and viruses on the Android platform, where were found a threat for more than a billion devices, as well as its more modern version. Now experts have discovered a new virus that is virtually impossible to remove by standard methods after exposure.
The experts found 20 000 malicious apps that masquerade as popular apps and services: Candy Crush, Facebook, GoogleNow, NYTimes, Snapchat, Twitter, WhatsApp. After downloading the infected app virus gains root access and is operating quietly in the background, while the user program runs as usual.
For the user, the virus becomes non-removable: device can not be cured with the help of uninstall any programs or reset the system in which there is reinstalling the OS. In the case of infection the Lookout experts suggest that you either contact the service center or buy a new device.
As stressed by the researchers, the Trojan you can catch, just by downloading apps in third party stores. While Google Play — official store — is above suspicion. The risk zone includes the U.S., Germany, Russia, India, Iran, Jamaica, Sudan, Brazil, Mexico and Indonesia.
Only the researchers identified three types of malware that works that way. Shuanet holds AutoRecovery device and hides in a file directory. Kemoge (or ShiftyBug) also rathet smartphone and puts the application with malicious code. Shedun (or GhostPush) — works according to the same scheme. As a rule, applications are not allowed to access the system files of other applications, but if the virus has obtained root access, then this restriction is removed.
While all three types of BSOD is identical to 70-80 percent, which may indicate that they belong to one or several hackers.