June 23, 2016 by

Mobile Malware Leaves 90% of Android Devices Vulnerable

A newly discovered family of malware, known as Godless, poses a serious threat to “virtually any Android device running Android 5.1 (Lollipop) or earlier.” That’s nearly 90% of all Android phones.

Researchers at Trend Micro Labs have uncovered a new family of mobile malware, aptly named Godless (detected as ANDROIDOS_GODLESS.HRX), that can exploit virtually any Android device running Lollipop or earlier. Alarmingly, that’s nearly 90% of all Android devices currently in use around the world.

If that isn’t terrifying enough, researchers found malicious applications that spread the malware on various app stores, including the biggest Android app store of them all, Google Play. The numbers get worse. The malware has already affected nearly a million devices around the world.

Rooted in Hell

The malware uses an open-source rooting framework called android-rooting-tools, a toolkit that typically grants advanced admin and root privileges to its users. Or, in this case, to the malware.

In addition to gaining potentially devastating root privileges, the malware can receive instructions from attackers to download and install other malicious applications in the background. While such threats typically end with unwanted apps and ads, they can also be used to install backdoors on targeted users’ devices.

When a user unknowingly installs the malicious application, the malware pauses, waiting for the screen of the targeted device to be turned off. The malware then proceeds to root the device. Following the rooting procedure, the payload is installed as a system app. This particular action makes the malware even harder to remove.
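One way a defender could check for the system-app persistence described above, as an added example that is not from the original article or from Trend Micro: it compares two captures of `adb shell pm list packages -f` output and reports packages that newly appear under `/system`. The package names and paths are constructed sample data.

```python
# Added example: report packages that appear under /system since a baseline.
# Input: text of `adb shell pm list packages -f`, one
# "package:<apk path>=<package name>" row per installed package.
SYSTEM_PREFIXES = ("/system/app/", "/system/priv-app/")

def parse_pm_list(output):
    """Return {package_name: apk_path} from `pm list packages -f` text."""
    packages = {}
    for line in output.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue  # skip blank lines and anything that is not a package row
        # APK paths may themselves contain '=', so split on the last one.
        path, sep, name = line[len("package:"):].rpartition("=")
        if sep and name:
            packages[name] = path
    return packages

def new_system_apps(baseline_output, current_output):
    """List (name, path, reason) for packages newly installed under /system."""
    baseline = parse_pm_list(baseline_output)
    findings = []
    for name, path in sorted(parse_pm_list(current_output).items()):
        if not path.startswith(SYSTEM_PREFIXES):
            continue  # user-installed app, not the persistence described here
        old_path = baseline.get(name)
        if old_path is None:
            findings.append((name, path, "new system app"))
        elif not old_path.startswith(SYSTEM_PREFIXES):
            findings.append((name, path, "moved from user app to system app"))
    return findings

# Constructed sample captures (hypothetical names, not indicators from the report).
BASELINE = """\
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/data/app/com.example.flashlight-1/base.apk=com.example.flashlight
"""
CURRENT = """\
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/system/app/Flashlight/Flashlight.apk=com.example.flashlight
package:/system/priv-app/Helper/Helper.apk=com.example.helper
package:/data/app/~~Qk1a==/com.example.notes-x9==/base.apk=com.example.notes
"""

if __name__ == "__main__":
    for name, path, reason in new_system_apps(BASELINE, CURRENT):
        print(f"{reason}: {name} ({path})")
```

A legitimate OTA update also adds or changes system apps, so the baseline should be captured again after each update.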

Some of the malicious applications spreading the malware include utility apps such as flashlight apps and Wi-Fi apps.

Trend Micro recommends that users always check a developer’s credibility before installing any application. The cybersecurity firm has not listed a fix. Its blog post read:

“There is absolutely nothing wrong with rooting one’s mobile device. It can have several benefits in terms of automation, performance, and basically getting the most out of a device. But when a malware roots a phone without one’s knowledge, that’s where the fun stops.”

About the author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.
