Leave a comment

Fake malware apps can't be removed

Fake malware apps can't be removed
PHOTO COURTESY OF SHUTTERSTOCK

It hasn't been a great week for Android security news. First, the popular Samsung S6 Edge got a harsh security review; then Google patched a number of Android flaws, but you probably won't get the update; and now a new type of Android malware has been discovered.

In fact, it's three families of malware called Shedun, Shuanet and ShiftyBug, and they've been found in more than 20,000 popular apps. Once one of these gets on your phone, they can take total control, and the only way to get rid of them is to re-flash your computer's ROM (very technical) or buy a new gadget (very expensive). So, you definitely don't want to get them.

The reason these apps are so dangerous is that they get root access to your phone. Some people "root" their phones on purpose so they can install apps that the operating system wouldn't normally allow. However, you don't want a virus to do it.

Most apps only have limited access to your phone's operating system; just enough to do their job. However, root access means that an app can change the very foundations of the operating system. In this case, the virus even changes the recovery part of Android, so even a factory reset won't get rid of it.

There is some good news, however. Remember when we said that these viruses are in at last 20,000 popular apps? Those apps are repackaged.

What hackers like to do is download popular legitimate apps from the Google Play Store, such as Facebook, Twitter, Instagram, Angry Birds or this silly lucky cactus app. Then they slip in malicious code and upload these apps to third-party app stores around the world. In the case of paid apps, they'll post them for free to attract people.

If you download the malicious version of the app, it works just like the real one, but behind the scenes it's taking over your gadget or stealing information. So, the best thing you can do to stay safe is to only use the Google Play Store for downloading apps. If you do download and install an app not in the store, you'll want to do it from a reputable company.

To make extra sure you're safe, you can turn off "Unknown Sources" in Android. This means that Android won't install an unknown app unless you allow it. Even then, you'll have to go change the setting. Learn how to turn off Unknown Sources, and other tips to make your gadget secure.

That isn't to say a hacker doesn't occasionally slip a repackaged app into the Google Play Store. So, before you download any popular app, take a second to look at its statistics. Google Play will show you when it was last updated, how many downloads it has and user ratings.

If you're downloading the Facebook app, and it only has 1,000 downloads and no user ratings, then you're looking at the wrong one. If you aren't sure, do some research on the developer who posted the app to make sure it's the right one.

Next Story
Source: Ars Technica
View Comments ()
This is why you NEVER post on Facebook while on jury duty
Previous Happening Now

This is why you NEVER post on Facebook while on jury duty

Comcast is forcing data caps on even more customers
Next Happening Now

Comcast is forcing data caps on even more customers