A common rule of thumb is that those who stick with the Google Play Store are safe from malware and other dangers. This is mostly the case, but once in a blue moon we get some exceptions. Such is the case for Ghost Push, a trojan malware that hides itself inside popular apps and has managed to make its way to official app markets (yes, this includes our beloved Play Store).
This malicious code was discovered by Cheetah Mobile on September 18th. Things spread quickly and the malware managed to infect 900,000 devices, which really is a significant number. This includes smartphones and tablets from many markets and manufacturers. We can thank the quick proliferation to the nature of the software. Aside from bypassing security measures established by the Google Play Store and other markets, Ghost Push was able to obtain full root and control smartphones and tablets at its fullest. This also made it nearly impossible to get rid of.
Some of the infected apps include bogus versions of Calculator, Smart Touch, Assistive Touch, Talking Tom 3, Easy Locker, Privacy Lock and others.
After earning full control over a device, the Chinese hackers running the operation would push app installations without the user’s consent… and they weren’t free apps. Cheetah Mobile estimates that Ghost Push made this criminal ring about $4.05 million per day.
There’s not much to worry about now, as all of these malicious apps were quickly taken down from the Google Play Store, but some of you may have already been affected. As we mentioned above, this is a very nasty virus that sticks to your phones internals. Most anti-virus software won’t even work, but Cheetah Mobile has created a specialized tool to kill Ghost Push.
The app is also good at detecting the malware, so you should run it if you have been noticing any weird activity on your smartphone, or if you happen to have downloaded one of the listed apps.
This just goes to show you that we should always be careful of what we do with our smartphones. Sometimes even the Google Play Store is not safe, so try to be careful where you grab your apps from. Always make sure it comes from the official developer and no red flags are up. Have any of you been affected? The stats show the USA had its fair share of infected gadgets.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.