PSA: New Android Malware Discovered by Lookout Could be 'nearly impossible to remove'

Discussion in 'Android News' started by dgstorm, Nov 6, 2015.

  1. dgstorm

    dgstorm Editor in Chief
    Staff Member Premium Member


    When it comes to malware on Android, it doesn't really get much scarier than this. The security company, Lookout, has just found a new trojanized malware "strain" for Android, and the worst part about it is that it can actually root itself to your device.

    According to Lookout's analysis, this new malware strain has been found on over 20,000 apps masquerading as legitimate top applications, including Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, and others. The vast majority of these were found on third party download sites instead of the Google Play Store, but that doesn't mean you shouldn't be cautious even when downloading from there. The highest rates of infection are in Google Play-friendly countries like Germany and the US.

    What's especially troubling about this malware is that after it gains root access to your device it embeds itself as a system application. Lookout themselves claim this makes it "nearly impossible to remove." Only the most die-hard developer or tinkerer would be able to repair an infected phone by loading a completely fresh ROM or carefully modifying system files over ADB. This is obviously outside the capabilities of the average Android user, although many of our own members could tackle it.

    Still, it would be an annoying hassle just to save your device from an infection. As always, be extra careful about what you download, and go out of your way to make sure it is legitimate. For more details, read Lookout's report here: Lookout discovers new trojanized adware; 20K popular apps caught in the crossfire | Lookout Blog

    Thanks for all of the tips!
     
  2. Mustang02

    Mustang02 Diamond Member

    Here's an idea. Don't download from 3rd party sites....
     
  3. cynkrzy

    cynkrzy Platinum Member

    Really? If the best minds in our community can't root a whole host of devices, how can this Trojan?
     
  4. dgstorm

    dgstorm Editor in Chief
    Staff Member Premium Member

    That was the first thing I thought of when I found this story...
     
  5. thunderbolt_nick

    thunderbolt_nick Thunderbolt Rescue Squad
    Rescue Squad

    Fear mongering... That is what the industry has come to.

  6. hammerhead13

    hammerhead13 Gold Member

    I wouldn't be too concerned if your phone can't be rooted in the first place.
     
  7. Narsil

    Narsil Silver Member

    Well, if Candy Crush can permaroot my Verizon Note 4, tell me which RussoChinese appstore to download it. They can have my data.
     
  8. TisMyDroid

    TisMyDroid Super Moderator
    Staff Member

    Those were my first thoughts. It is a perfect way to get millions to download their app. Reminds me of those stupid websites that claim your PC has a virus but if you download this removal tool, you'll be fine. But instead of a virus removal tool, it's a trojan that pops up making it impossible to use your PC (had to get rid of the stupid thing twice for my mom's PC).

    Granted, Lookout is supposed to be a reputable Android app, but I can't help but think it's them trying to get more downloads.

     
  9. Ollie

    Ollie Droid Does

    FUD.