‘Dubbed Godless’, a new type of malware has been originated in legitimate-looking apps that can “root” users phone and secretly put in unwanted programs. So, it’s high time for Android users to beware, the malware, has been found lurking on app stores including Google Play, and it targets devices running Android 5.1 (Lollipop) and earlier, which accounts for more than 90 percent of Android devices, according to Trend Micro revealed in a blog post.
How it destroys your phone- Godless buries inside an app and uses exploit to try to root the OS on your phone. This basically generates admin access to a device, allowing unlawful apps to be installed. Godless also includes a variety of exploits to make sure it can root a device, and it can even install spyware. Trend Micro said it found various apps in Google Play that contain the malicious code.
“The malicious apps we’ve seen that have this new remote routine range from utility apps like flashlights and Wi-Fi apps, to copies of popular game,” the company said.
While, some apps are spotless but have an equivalent spiteful version that shares the same developer certificate. The danger there is that users install the clean app but are then upgraded to the malicious version without them knowing. So far, Trend says it has seen 850,000 affected devices, with almost half in India and more in other Southeast Asian countries. Less than 2 percent were in the U.S.
“When downloading apps, regardless if it’s a utility tool or a popular game, users should always review the developer. Unknown developers with very little or no background information may be the source of these malicious apps,” Trend said.