Android Apps

New malware infects Play Store apps, nests itself in phone's root folder and downloads endless ads

Paul K. posted by Paul K.   /  Oct 15, 2015, 4:02 AM
Android developer Cheetah Mobile — known for products, such as Clean Master, CM Launcher, CM Security, and Battery Doctor — reports that it has discovered a nasty malware lurking in apps found in the official Play Store. Dubbed Ghost Push, it's a nasty, nasty trojan, which will reportedly nest itself in the phone's root folder and refuse to be removed unless special tools are used.

The malware is reported to have branched up in many variants, and is distributed through popular apps in forums, 3rd party app stores, and even Google's official Play Store. It is said that 900,000 Android devices across 116 countries have been infected. Apps that carry the trojan are repackaged versions of various calculators, smart or assistive touch apps, Talking Tom 3, and many others – usually popular software solutions that users would easily trust. Thankfully, the infected apps have been reportedly pulled from the Play Store and more popular app stores at the time of writing this article.

What Ghost Push and its branched-out siblings would do is they would nest themselves in the user's phone and then begin pushing ads, even installing other infected apps on the device. The end goal is to push as many ads as possible and the report suggests that the hackers have been making more than 4 million dollars per day.

Cheetah Mobile claims to have developed a tool that can find and get rid of Ghost Push infecting your device. You can find a link to its Play Store page below.

Download Ghost Push Trojan Killer

FEATURED VIDEO

Options

33 Comments

namesib
Reply

1. namesib

Posts: 97; Member since: Feb 08, 2015

I'm not downloading anything from this company.

posted on Oct 15, 2015, 4:10 AM

Swordylove
Reply

22. Swordylove

Posts: 209; Member since: Jun 27, 2015

Sorry for noob question, but what's wrong with them?

posted on Oct 15, 2015, 9:02 AM

Captain_Doug
Reply

2. Captain_Doug

Posts: 1037; Member since: Feb 10, 2012

4 million a day? Sounds like I should become a hacker. Although really, has anybody actually been a target of malware? I've been using android phones for 5+ years and have never dealt with any of this stuff and I do some shadier stuff like sideloading apps and using third party app stores.

posted on Oct 15, 2015, 4:12 AM

Tizo101
Reply

14. Tizo101

Posts: 572; Member since: Jun 05, 2015

I would like to know someone who got affected by all these malware, viruses or whatever they want to call them. I haven't seen any of these things first hand (since 2011)

posted on Oct 15, 2015, 5:20 AM

Arch_Fiend
Reply

15. Arch_Fiend

Posts: 3951; Member since: Oct 03, 2015

I've Never Had A Problem Either And I Use 3rd Party App Stores An Apk Downloads All The Time, Have Been Since 2010.

posted on Oct 15, 2015, 5:20 AM

elitewolverine
Reply

33. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

I get to deal with them weekly actually. So much so that we have several articles on how to remove them. The latest one I dealt with was one that looked like a booster. It was a black box with a white rocket. Forget the name at this time (i deal with many different forms and the names change constantly), but it was downloading apps all by itself. We found and confirmed 25 unwanted app downloads. This is nothing new. From FBI porn lockout, to various others that may not prop up on sites like this. Its a crappy customer interaction because half of them have now clue how it got there and they think the carrier did it. And they loose trust in the device and want a warranty exchange which isn't always liked for simple software. But if a reset will not fix because of a root infect, then there is no other option for us.

posted on Oct 16, 2015, 8:25 PM

Biernot unregistered
Reply

3. Biernot unregistered

hey you have 10000 trojan on your phone download our app. Nice try ^^

posted on Oct 15, 2015, 4:15 AM

ArtSim98
Reply

4. ArtSim98

Posts: 3535; Member since: Dec 21, 2012

4 million a day? Damn.

posted on Oct 15, 2015, 4:16 AM

vivaapple
Reply

5. vivaapple

Posts: 31; Member since: Jun 02, 2015

Android serves it right.

posted on Oct 15, 2015, 4:26 AM

NoToFanboys
Reply

23. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

Is android an evil OS that does evil things to people? I do not get your logic of android deserving something like this. Put your hate on the ones developing the trojans, troll

posted on Oct 15, 2015, 9:06 AM

tacarat
Reply

6. tacarat

Posts: 854; Member since: Apr 22, 2013

So far I'm seeing the problem coming from side loaded or pirated apps. Even jail broken iPhone have that. I'm more curious about infected apps in the play store. Verification would be nice.

posted on Oct 15, 2015, 4:27 AM

RebelwithoutaClue unregistered
Reply

7. RebelwithoutaClue unregistered

The source is cheetah mobile? Hahaha I'll pass. Was very fond of Quickpic until they sold out to these guys and deleted it.

posted on Oct 15, 2015, 4:38 AM

Captain_Doug
Reply

8. Captain_Doug

Posts: 1037; Member since: Feb 10, 2012

It's still in the Play store. What do you mean they deleted it?

posted on Oct 15, 2015, 4:42 AM

RebelwithoutaClue unregistered
Reply

11. RebelwithoutaClue unregistered

I was very fond of Q.. I deleted it

posted on Oct 15, 2015, 4:49 AM

Captain_Doug
Reply

13. Captain_Doug

Posts: 1037; Member since: Feb 10, 2012

It still works doesn't it? Who cares who owns it. Just don't update it.

posted on Oct 15, 2015, 4:55 AM

RebelwithoutaClue unregistered
Reply

28. RebelwithoutaClue unregistered

Sorry but when I see an update I need to install it..

posted on Oct 15, 2015, 11:52 AM

hafini_27
Reply

19. hafini_27

Posts: 951; Member since: Oct 31, 2013

Just stay on 4.5.2 version. I can't find another gallery viewer as powerful and lightweight as Quickpic. Suck that it is now owned by freaking Cheetah Mobile though.

posted on Oct 15, 2015, 6:18 AM

RebelwithoutaClue unregistered
Reply

29. RebelwithoutaClue unregistered

I do miss it, I can always try and break the playstore link using Titanium, I can't stand seeing an update and not updating it

posted on Oct 15, 2015, 11:54 AM

GoBears
Reply

9. GoBears

Posts: 456; Member since: Apr 27, 2012

My ass nobody makes money from Android!

posted on Oct 15, 2015, 4:46 AM

JC557
Reply

10. JC557

Posts: 1921; Member since: Dec 07, 2011

Cheetah Mobile also develops the CM Browser that you guys suggested as a fast browsing alternative some time ago.

posted on Oct 15, 2015, 4:49 AM

kajam
Reply

12. kajam

Posts: 221; Member since: Jun 24, 2015

Where is the iSheep ????

posted on Oct 15, 2015, 4:53 AM

King_bilo
Reply

16. King_bilo

Posts: 115; Member since: May 20, 2015

Still in bed

posted on Oct 15, 2015, 5:54 AM

Zylam
Reply

25. Zylam

Posts: 1817; Member since: Oct 20, 2010

Android has malware that makes hackers money and you're calling for the isheep? To tell him what that Android has malware?

posted on Oct 15, 2015, 11:01 AM

Podrick
Reply

17. Podrick

Posts: 1285; Member since: Aug 19, 2015

Somebody makes money with Android.

posted on Oct 15, 2015, 5:59 AM

Acer_Predator unregistered
Reply

18. Acer_Predator unregistered

This is horrible .. these days you have no idea what is happeningwith our device.. and in future it will be x10 sophisticated.. Snowden said yhey can enable your mic in android phone or iphone while you have it in pocket.. really ridiculous!

posted on Oct 15, 2015, 6:13 AM

Odeira
Reply

20. Odeira

Posts: 300; Member since: Jun 29, 2012

Why do I have this gut feeling that Cheetah Mobile is the one CREATING all these malware and viruses so people are "compelled" to download their blood sucking antivirus and cleansing utilities, when all you really need to prevent ANY form of malware and virus is KNOW WHAT YOU'RE DOING IN THE FIRST PLACE...?

posted on Oct 15, 2015, 6:39 AM

elitewolverine
Reply

34. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

I wouldn't be surprised. Lately at my job, people with multiple issues all have CM software installed. Once removed...no issues.

posted on Oct 16, 2015, 8:29 PM

SYSTEM_LORD
Reply

21. SYSTEM_LORD

Posts: 1168; Member since: Oct 05, 2015

I use third party apps because they allow things that go beyond the normal user experience. No one that doesn't have a rooted phone and knows about this stuff should be downloading third party apps anyways. If you're rooted, there's no reason why you shouldn't have a firewall anyways. Even if it downloaded itself (somehow), it wouldn't be able to do anything to your system. Firewall will alert you to any app that's downloaded, in order to get Internet permissions. Then you politely say "h3ll to the no. Deleted."

posted on Oct 15, 2015, 8:25 AM

LikeMyself
Reply

24. LikeMyself

Posts: 631; Member since: Sep 23, 2013

I'm pretty sure they themselves made that and then 'discovered' to make them look like a good company. Hate cm and even more now that they have QuickPic in their hands. For the 1st time quickpic has more incremental version number. It only had x.x.x before and now x.x.x.xxxxxxxxxxx

posted on Oct 15, 2015, 10:57 AM

Mfa901
Reply

26. Mfa901

Posts: 291; Member since: Jul 14, 2012

CM is a troll company...they bought quickpic and ruined it. now i have downloaded an older version from xda and also blocked it in firewall :I

posted on Oct 15, 2015, 11:09 AM

view all comments
Want to comment? Please Log in or sign up.

Featured stories

2020-iPhone-different-notch-Face-ID-wider-antenna-lines
2020 iPhones being tested with 'a few' different notch and Face ID setups
iPhone-11-Pro-Max-vs-Galaxy-Note-10
iPhone 11 Pro Max vs Galaxy Note 10+
Selfie-battle-iPhone-11-vs-Galaxy-Note-10-vs-iPhone-XR-vs-Pixel-3
Selfie battle: iPhone 11 vs Galaxy Note 10 vs iPhone XR vs Pixel 3
Google-Pixel-4-Review
Google Pixel 4 Review
Microsoft-Android-best-mobile-OS
Microsoft: 'Android is the best mobile OS'
google-pixel-4a-editorial
Ok Google, so when is the Pixel 4a coming?
Apple-AirPods-Pro-price-features-release-date-leak
Apple AirPods Pro to arrive this month with high price tag, noise cancelation
The-Google-Pixel-4-is-the-worst-value-phone-in-2019
The Google Pixel 4 is the worst value phone in 2019

Popular stories

t-mobile-simple-choice-subscribers-free-plan-upgrades
T-Mobile continues to reward more and more Simple Choice subscribers with free plan upgrades
The-Google-Pixel-4-is-the-worst-value-phone-in-2019
The Google Pixel 4 is the worst value phone in 2019
The-Pixel-4-XL-official-specs-features-release-date-price
The Google Pixel 4 and 4 XL are now official: 90Hz, face unlock, and killer cameras
YouTube-Music-for-Android-gets-gapless-playback
Here's why Pink Floyd's Dark Side of the Moon sounds better now on YouTube Music for Android
google-pixel-4a-editorial
Ok Google, so when is the Pixel 4a coming?
Motorola-Moto-G8-Plus-specs-release-date-leak
Motorola Moto G8 Plus leaks out, boasts triple rear camera and generous battery
Apple-AirPods-Pro-price-features-release-date-leak
Apple AirPods Pro to arrive this month with high price tag, noise cancelation
Samsung-patent-application-covers-phone-with-retractable-screen
Samsung patent contains cool technology that could debut on the Galaxy S11+

Hot phones

Latest Stories

View more
This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.