New malware infects Play Store apps, nests itself in phone's root folder and downloads endless ads
posted by Paul K. / Oct 15, 2015, 4:02 AM
The malware is reported to have branched up in many variants, and is distributed through popular apps in forums, 3rd party app stores, and even Google's official Play Store. It is said that 900,000 Android devices across 116 countries have been infected. Apps that carry the trojan are repackaged versions of various calculators, smart or assistive touch apps, Talking Tom 3, and many others – usually popular software solutions that users would easily trust. Thankfully, the infected apps have been reportedly pulled from the Play Store and more popular app stores at the time of writing this article.
What Ghost Push and its branched-out siblings would do is they would nest themselves in the user's phone and then begin pushing ads, even installing other infected apps on the device. The end goal is to push as many ads as possible and the report suggests that the hackers have been making more than 4 million dollars per day.
Cheetah Mobile claims to have developed a tool that can find and get rid of Ghost Push infecting your device. You can find a link to its Play Store page below.
Download Ghost Push Trojan Killer
Posts: 1037; Member since: Feb 10, 2012
4 million a day? Sounds like I should become a hacker. Although really, has anybody actually been a target of malware? I've been using android phones for 5+ years and have never dealt with any of this stuff and I do some shadier stuff like sideloading apps and using third party app stores.
posted on Oct 15, 2015, 4:12 AM 8
Posts: 5192; Member since: Oct 28, 2013
I get to deal with them weekly actually. So much so that we have several articles on how to remove them. The latest one I dealt with was one that looked like a booster. It was a black box with a white rocket. Forget the name at this time (i deal with many different forms and the names change constantly), but it was downloading apps all by itself. We found and confirmed 25 unwanted app downloads. This is nothing new. From FBI porn lockout, to various others that may not prop up on sites like this. Its a crappy customer interaction because half of them have now clue how it got there and they think the carrier did it. And they loose trust in the device and want a warranty exchange which isn't always liked for simple software. But if a reset will not fix because of a root infect, then there is no other option for us.
posted on Oct 16, 2015, 8:25 PM 0
Posts: 31; Member since: Jun 02, 2015
Android serves it right.
posted on Oct 15, 2015, 4:26 AM 1
Posts: 5473; Member since: Apr 05, 2013
The source is cheetah mobile? Hahaha I'll pass. Was very fond of Quickpic until they sold out to these guys and deleted it.
posted on Oct 15, 2015, 4:38 AM 5
Posts: 1037; Member since: Feb 10, 2012
It's still in the Play store. What do you mean they deleted it?
posted on Oct 15, 2015, 4:42 AM 0
Posts: 942; Member since: Oct 31, 2013
Just stay on 4.5.2 version. I can't find another gallery viewer as powerful and lightweight as Quickpic. Suck that it is now owned by freaking Cheetah Mobile though.
posted on Oct 15, 2015, 6:18 AM 1
Posts: 220; Member since: Jun 24, 2015
Where is the iSheep ????
posted on Oct 15, 2015, 4:53 AM 1
This is horrible .. these days you have no idea what is happeningwith our device.. and in future it will be x10 sophisticated.. Snowden said yhey can enable your mic in android phone or iphone while you have it in pocket.. really ridiculous!
posted on Oct 15, 2015, 6:13 AM 1
Posts: 300; Member since: Jun 29, 2012
Why do I have this gut feeling that Cheetah Mobile is the one CREATING all these malware and viruses so people are "compelled" to download their blood sucking antivirus and cleansing utilities, when all you really need to prevent ANY form of malware and virus is KNOW WHAT YOU'RE DOING IN THE FIRST PLACE...?
posted on Oct 15, 2015, 6:39 AM 3
Posts: 1168; Member since: Oct 05, 2015
I use third party apps because they allow things that go beyond the normal user experience. No one that doesn't have a rooted phone and knows about this stuff should be downloading third party apps anyways. If you're rooted, there's no reason why you shouldn't have a firewall anyways. Even if it downloaded itself (somehow), it wouldn't be able to do anything to your system. Firewall will alert you to any app that's downloaded, in order to get Internet permissions. Then you politely say "h3ll to the no. Deleted."
posted on Oct 15, 2015, 8:25 AM 0
Posts: 624; Member since: Sep 23, 2013
I'm pretty sure they themselves made that and then 'discovered' to make them look like a good company. Hate cm and even more now that they have QuickPic in their hands. For the 1st time quickpic has more incremental version number. It only had x.x.x before and now x.x.x.xxxxxxxxxxx
posted on Oct 15, 2015, 10:57 AM 0
Send a warning to post author
Send a warning to Selected user.
The user has 0 warnings currently.
Next warning will result in ban!
Ban user and delete all posts
Message to PhoneArena moderator (optional):