‘Ghost Push’ Malware Infects 600K Android Users Daily, Say Security Researchers

Image

Android users are being warned of a newly discovered type of malware that has recently infected hundreds of thousands of devices each day. Security researchers at Android developer Cheetah Mobile claim to have found a virus – dubbed ‘Ghost Push’ – being packaged in seemingly legitimate applications downloaded from non-Google app stores. “This is the most widespread and infectious virus we’ve currently seen,” said the company in a blog post.

“So far, ‘Ghost Push’ has affected 14,857 phone types and 3,658 brands.” 

Cheetah Mobile explained that the virus works by installing unwanted apps – such as ‘Monkey test’ and ‘Time service’ – on a user’s device, which cannot be easily removed even after performing a factory reset or using typical antivirus software. After gaining root access, the virus has been known to download ads, slow down devices, drain battery life and consume significant cellular data. Ultimately, the hackers are looking to make money from these ads and apps that are being downloaded by unsuspecting users, the security researchers said. The company said it first became aware of the issue after more and more users were asking for help on how to remove these uninstallable apps from their devices.

Image

Source: Cheetah Mobile According to Cheetah Mobile, nearly 40 apps have now been infected with the Ghost Push virus, including WiFi Enhancer, TimeService, Assistive Touch, All-star Fruit Slash, Super Mario and Simple Flashlight, which are found in app stores and popular forums other than Google Play. The particular malware has mainly spread through Europe, Russia, the Middle East region and southern China. Android users are asked to remain especially vigilant when downloading applications from unofficial app stores. “Your best bet is to make sure you’re going through the official developer website to download an app," said the company.