June 23, 2016

Mobile Malware Leaves 90% of Android Devices Vulnerable

A new family of malware, known as Godless, has been discovered that leaves “virtually any Android device running Android 5.1 (Lollipop) or earlier” vulnerable. That’s nearly 90% of all Android phones.

Researchers at Trend Micro Labs have uncovered a new family of mobile malware, aptly named Godless (detected as ANDROIDOS_GODLESS.HRX), that can exploit virtually any Android device running Lollipop or earlier. Alarmingly, that’s nearly 90% of all Android devices currently in use around the world.

If that isn’t terrifying enough, researchers found malicious applications spreading the malware on various app stores, including the biggest Android app store of them all, Google Play. The numbers get worse: the malware has already affected nearly a million devices around the world.

Rooted in Hell

The malware uses an open-source rooting framework called android-rooting-tools, a toolkit that typically grants advanced admin and root privileges to its users. Or, in this case, to the malware.

In addition to gaining the potentially devastating root privilege, the malware can receive instructions from attackers to download and install other malicious applications in the background. While such threats typically end with unwanted apps and ads, they can also be used to install backdoors on targeted users’ devices.

When a user unknowingly installs the malicious application, the malware pauses, waiting for the screen of the targeted device to be turned off. The malware then proceeds to root the device. Following the rooting procedure, the payload is installed as a system app. This particular action makes the malware even harder to remove.

Some of the malicious applications spreading the malware include utility apps such as flashlight apps and Wi-Fi apps.

Trend Micro recommends that users always check a developer’s credibility before installing any application. The cybersecurity firm has not listed a fix. Its blog post read:

“There is absolutely nothing wrong with rooting one’s mobile device. It can have several benefits in terms of automation, performance, and basically getting the most out of a device. But when a malware roots a phone without one’s knowledge, that’s where the fun stops.”

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high-profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
