With every new day, you get the news of a bigger, scarier Android bug but trust us, this is one of the scariest things we’ve seen. As the security firm, Lookout has discovered a new adware threat which takes over your phone to root it automatically.
Traces of this new kind of Android adware are found inside 20,000 different apps as popular and diverse as Candy Crush, Facebook, Snapchat, NYTimes, and Whatsapp. The apps can take the same persona as a system application and gain root access to the device. In that case, the only option that remains would be to buy a new phone as it would be virtually impossible to uninstall.
Most of the junk comes from the three families of adware – Shuanet, ShiftyBug and Shedun – which in almost all of the cases forms the basis for the operations.
“At first, we wondered why someone would infect an enterprise two-factor authentication app in order to serve ads, neglecting the opportunity to harvest and exfiltrate user credentials. However, looking at the distribution portion of the command and control server, it appears that these families programmatically repacked thousands of popular apps from first-tier app stores like Google Play and its localized equivalents.”
The apps, apparently, don’t do anything other than supply ads, but with root access to your phone, they can get access to your personal data, install spyware and even get passwords. We understand that most, if not all of these apps are said to come from third-party app stores and not from Google Play itself.
The app seems to target users mostly from the US, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico and Indonesia.
The best way then to avoid this disaster is to avoid third-party stores at all costs and only install apps from developers you can fully trust. Because for all that we may know, your phone can get infected by any manner of third parties.