New Android Exploit Can Install Apps Remotely On Your Phone

Despite all the recent initiatives and monthly security updates from Google, it is fair to say that threats to your privacy are still prevalent on Android. The latest threat comes in the form of a ransomware exploit kit, which affects most devices.

This Android exploit problem is unique in that it doesn’t require an installation of malicious software or wrongdoing on the user’s part, and can take place automatically without requiring special permissions. As a result, your phone can be infected just by visiting any potentially infected website.

The researchers at Blue Coat labs first noticed it when an infected Javascript-containing ad loaded from a website in their lab environment. This is the first time, according to the team, that someone has been able to pull off such a threat.

The phone which is quite useless by then can be restored to its original state by paying a fine or by sending an iTunes gift card to the perpetrators. The exploit used by this kind of malware is the one used by Hacking Team and Towelroot to cause intrusion in devices.

The threat is said to affect devices running Android 4.0 (Ice Cream Sandwich) to Android 4.3 (Jelly Bean) with 4.4 KitKat also said to vulnerable. Since these three combined make up 56.9 percent of all Androids, this automatically becomes a very serious threat.

Thankfully, if you are affected the way out is rather simple: a good old factory reset of the device. The process will delete any malicious app installs and make your phone as good as new. It is a good idea to back up the data on an external drive or a PC before carrying out that process.