{"id":8714,"date":"2015-11-05T16:27:56","date_gmt":"2015-11-05T20:27:56","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8714"},"modified":"2015-11-05T16:27:56","modified_gmt":"2015-11-05T20:27:56","slug":"newly-discovered-adware-digs-its-claws-deep-into-android-is-nearly-impossible-to-remove","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/05\/newly-discovered-adware-digs-its-claws-deep-into-android-is-nearly-impossible-to-remove\/","title":{"rendered":"Newly discovered adware digs its claws deep into Android, is nearly impossible to remove"},"content":{"rendered":"

Security researchers found over 20,000 adware samples hiding in apps that masquerade as Facebook, Twitter, Snapchat, and other popular services.<\/p>\n

Derek Walter<\/a> | @derekwalter<\/a> | PCWorld<\/a><\/p>\n

Security researchers have uncovered a new style of Android malware that hides inside of apps that act and look like they\u2019re legitimate services.<\/p>\n

Lookout Security described the unsavory practice as \u201ctrojanized adware.\u201d Essentially the third-party apps look and function like\u00a0Google, Facebook, Twitter, WhatsApp, and other popular apps. But once they\u2019re installed, they assign themselves system-level permission and serve up ads throughout the rest of the OS, generating money for the hacker.<\/p>\n

It\u2019s a new level of evil genius because the security firm says they\u2019re nearly impossible to uninstall: the best option for those who fall victim is to just ditch out on the device and pick up a new one. The trojanized apps obtain root-level access and install themselves as system apps, so even a factory reset<\/a> doesn’t get rid of them.<\/p>\n

The impact on you:<\/strong>\u00a0While this may sound dire, it confirms our core piece of security advice: stick to the Google Play Store or Amazon App Store and always install the latest Android OS and Play Services updates. The absolute best option is to pick up a\u00a0new Nexus device<\/a>, which Google has pledged will get monthly security updates directly from Mountain View. BlackBerry recently made a similar pledge<\/a>, with Silent Circle (maker of the Black Phone), and a few others jumping on board. So far, Google has been the most aggressive at sticking to the timeline.<\/p>\n

The Wild West of Android apps<\/h2>\n

These miscreants are hiding out in third-party app stores and in software downloaded via the web. They still look and work like regular apps, but then release the trojanized adware into your device with nearly limitless access to key data.<\/p>\n

In a blog post outlining the threat<\/a>, Lookout\u2019s Michael Bentley cautioned against rooting one\u2019s phone, a popular activity by those who like to install custom ROMs and tinker with the way their phone works.<\/p>\n

\u201cThe act of rooting the device in the first place creates additional security risk for enterprises and individuals alike, as other apps can then get root access to the device, giving them unrestricted access to files outside of their domain. Usually applications are not allowed to access the files created by other applications, however with root access, those limitation are easily bypassed,\u201d he said.<\/p>\n

The security firm said there are three similar families of the trojanized adware that serve up the ads: Shuanet, Komage, and Shudun. Together, they\u2019re responsible for over 20,000 different samples of malware.<\/p>\n