Google has announced the demise of the mountain goat adware, Chamois from the Play Store platform. The adware has a history of infecting millions of Android devices, previously, before being put down now.
Chamois had a history of allowing pop-ups on infected devices, deceiving users into downloading apps through by showing fake images. Once it was in your phone, the malware would be harder to get rid of since it didn’t appear in the app drawer.
Chamois could send texts from the infected phone throughout the globe, incurring further costs, and download infected plugins and further apps.
How Was Chamois Detected?
The malware was found during routine ad traffic quality evaluation. Chamois was initially hard to detect due to its use of “obfuscation and anti-analysis techniques”, before finally breaking through its defense.
The adware type was unique in that it was perhaps the first malware system on mobile which featured encryption to secure the malicious code and infected files. Such intricate mechanisms are usually seen in the desktop category in the case of Banking Trojans, among others.
Apps installed were hard to get rid of, since they didn’t appear in the app drawer of your phone. They weren’t helped by the fact that they constantly changed formats, from APK to JAR and ELF, making them hard to pin down.
Google has so far kicked all the apps and developers which exploited the adware. It has updated the Verify Apps vault to include protection against such players, emphasizing once again over the need to use such a system while installing apps.