New malware infects Play Store apps, nests itself in phone's root folder and downloads endless ads
posted by Paul K.
/ Oct 15, 2015, 4:02 AM
The malware is reported to have branched up in many variants, and is distributed through popular apps in forums, 3rd party app stores, and even Google's official Play Store. It is said that 900,000 Android devices across 116 countries have been infected. Apps that carry the trojan are repackaged versions of various calculators, smart or assistive touch apps, Talking Tom 3, and many others – usually popular software solutions that users would easily trust. Thankfully, the infected apps have been reportedly pulled from the Play Store and more popular app stores at the time of writing this article.
What Ghost Push and its branched-out siblings would do is they would nest themselves in the user's phone and then begin pushing ads, even installing other infected apps on the device. The end goal is to push as many ads as possible and the report suggests that the hackers have been making more than 4 million dollars per day.
Cheetah Mobile claims to have developed a tool that can find and get rid of Ghost Push infecting your device. You can find a link to its Play Store page below.
Download Ghost Push Trojan Killer
33 Comments
1. namesib
Posts: 97; Member since: Feb 08, 2015
I'm not downloading anything from this company.
posted on Oct 15, 2015, 4:10 AM 13
22. Swordylove
Posts: 209; Member since: Jun 27, 2015
Sorry for noob question, but what's wrong with them?
posted on Oct 15, 2015, 9:02 AM 0
2. Captain_Doug
Posts: 1037; Member since: Feb 10, 2012
4 million a day? Sounds like I should become a hacker. Although really, has anybody actually been a target of malware? I've been using android phones for 5+ years and have never dealt with any of this stuff and I do some shadier stuff like sideloading apps and using third party app stores.
posted on Oct 15, 2015, 4:12 AM 8
15. Arch_Fiend
Posts: 3934; Member since: Oct 03, 2015
I've Never Had A Problem Either And I Use 3rd Party App Stores An Apk Downloads All The Time, Have Been Since 2010.
posted on Oct 15, 2015, 5:20 AM 2
33. elitewolverine
Posts: 5192; Member since: Oct 28, 2013
I get to deal with them weekly actually. So much so that we have several articles on how to remove them.
The latest one I dealt with was one that looked like a booster. It was a black box with a white rocket. Forget the name at this time (i deal with many different forms and the names change constantly), but it was downloading apps all by itself. We found and confirmed 25 unwanted app downloads.
This is nothing new. From FBI porn lockout, to various others that may not prop up on sites like this. Its a crappy customer interaction because half of them have now clue how it got there and they think the carrier did it. And they loose trust in the device and want a warranty exchange which isn't always liked for simple software. But if a reset will not fix because of a root infect, then there is no other option for us.
posted on Oct 16, 2015, 8:25 PM 0
3. Biernot unregistered
hey you have 10000 trojan on your phone download our app.
Nice try ^^
posted on Oct 15, 2015, 4:15 AM 9
5. vivaapple
Posts: 31; Member since: Jun 02, 2015
Android serves it right.
posted on Oct 15, 2015, 4:26 AM 1
23. NoToFanboys
Posts: 3231; Member since: Oct 03, 2015
Is android an evil OS that does evil things to people? I do not get your logic of android deserving something like this.
Put your hate on the ones developing the trojans, troll
posted on Oct 15, 2015, 9:06 AM 0
7. RebelwithoutaClue
Posts: 5473; Member since: Apr 05, 2013
The source is cheetah mobile? Hahaha I'll pass. Was very fond of Quickpic until they sold out to these guys and deleted it.
posted on Oct 15, 2015, 4:38 AM 5
8. Captain_Doug
Posts: 1037; Member since: Feb 10, 2012
It's still in the Play store. What do you mean they deleted it?
posted on Oct 15, 2015, 4:42 AM 0
11. RebelwithoutaClue
Posts: 5473; Member since: Apr 05, 2013
I was very fond of Q.. I deleted it
posted on Oct 15, 2015, 4:49 AM 1
13. Captain_Doug
Posts: 1037; Member since: Feb 10, 2012
It still works doesn't it? Who cares who owns it. Just don't update it.
posted on Oct 15, 2015, 4:55 AM 1
28. RebelwithoutaClue
Posts: 5473; Member since: Apr 05, 2013
Sorry but when I see an update I need to install it..
posted on Oct 15, 2015, 11:52 AM 0
19. hafini_27
Posts: 942; Member since: Oct 31, 2013
Just stay on 4.5.2 version. I can't find another gallery viewer as powerful and lightweight as Quickpic. Suck that it is now owned by freaking Cheetah Mobile though.
posted on Oct 15, 2015, 6:18 AM 1
29. RebelwithoutaClue
Posts: 5473; Member since: Apr 05, 2013
I do miss it, I can always try and break the playstore link using Titanium, I can't stand seeing an update and not updating it
posted on Oct 15, 2015, 11:54 AM 0
12. kajam
Posts: 220; Member since: Jun 24, 2015
Where is the iSheep ????
posted on Oct 15, 2015, 4:53 AM 1
18. Acer_Predator unregistered
This is horrible .. these days you have no idea what is happeningwith our device.. and in future it will be x10 sophisticated..
Snowden said yhey can enable your mic in android phone or iphone while you have it in pocket.. really ridiculous!
posted on Oct 15, 2015, 6:13 AM 1
20. Odeira
Posts: 300; Member since: Jun 29, 2012
Why do I have this gut feeling that Cheetah Mobile is the one CREATING all these malware and viruses so people are "compelled" to download their blood sucking antivirus and cleansing utilities, when all you really need to prevent ANY form of malware and virus is KNOW WHAT YOU'RE DOING IN THE FIRST PLACE...?
posted on Oct 15, 2015, 6:39 AM 3
34. elitewolverine
Posts: 5192; Member since: Oct 28, 2013
I wouldn't be surprised. Lately at my job, people with multiple issues all have CM software installed. Once removed...no issues.
posted on Oct 16, 2015, 8:29 PM 0
21. SYSTEM_LORD
Posts: 1168; Member since: Oct 05, 2015
I use third party apps because they allow things that go beyond the normal user experience. No one that doesn't have a rooted phone and knows about this stuff should be downloading third party apps anyways.
If you're rooted, there's no reason why you shouldn't have a firewall anyways. Even if it downloaded itself (somehow), it wouldn't be able to do anything to your system. Firewall will alert you to any app that's downloaded, in order to get Internet permissions. Then you politely say "h3ll to the no. Deleted."
posted on Oct 15, 2015, 8:25 AM 0
24. LikeMyself
Posts: 624; Member since: Sep 23, 2013
I'm pretty sure they themselves made that and then 'discovered' to make them look like a good company. Hate cm and even more now that they have QuickPic in their hands. For the 1st time quickpic has more incremental version number. It only had x.x.x before and now x.x.x.xxxxxxxxxxx
