
Android users are being reminded to only install apps from the official Google Play store or trusted third parties, after new research has revealed an alarming number of devices continue to be infected by a notorious family of malware.

Security researchers at Cheetah Mobile Security claim that this malware family is responsible for most of the Android infections seen, typically spreading via deceptive adverts and pornographic websites.

The Ghost Push malware isn’t new – at its peak, the malware is said to have infected over 600,000 Android devices each day – but it continues to pose a real threat, rooting smartphones and tablets in its attempt to display revenue-generating ads and snoop on unsuspecting users.

Ghost Push displays ads

According to the research, Ghost Push has been updated many times in recent years, and three different members of the malware family are being installed more than 10,000 times each day.

Currently the malware is able to root all versions of Android up to and including version 5, also known as Lollipop, in order to install further malicious code.

So, if you’re one of those lucky users running Android 6 (Marshmallow) or the latest Android 7 (Nougat) on your device, you shouldn’t have any reason to lose sleep over the Ghost Push malware just yet.

But therein lies the problem. The latest released figures show that the majority of people are still running Android Lollipop or earlier, meaning that they are vulnerable to being hit by Ghost Push.

Versions of Android being used

Yes, Marshmallow adoption is on the rise (and one hopes that Nougat will follow), but when you compare the take-up of new versions of Android with that of Apple iOS, it’s clear that one ecosystem does a much better job than the other of getting its users to upgrade to the latest version of their OS, protecting them against security vulnerabilities.

Ghost Push tricks users

Why aren’t Android users updating their operating systems to more secure versions? Unfortunately, in many cases, updates are simply not made available.

If you buy a smartphone manufactured by Google, you’re probably going to have a route for receiving new Android operating system updates within a reasonable amount of time.

The problem for owners of many other devices is that carriers, smartphone manufacturers and Google all have to work in unison to get an update pushed out to users. And they just don’t seem to have enough incentive to pull together in the right direction for the benefit of their customers.

It’s no wonder that some Android users feel abandoned, and find themselves having to venture into the cloudy waters of installing third-party ROMs like CyanogenMod that receive regular updates. However, this is a path that only the technically-savvy are going to feel comfortable pursuing.

My advice? If possible, use a smartphone which receives regular security updates and exercise caution about where you download your apps from. Although the official Google Play store is far from perfect, it’s clearly safer to download your apps from there than putting your trust in third-party sources.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.