As Android is an open platform, and users can freely install apps from whichever store they choose, there’s often stories like these that end up infecting hundreds of thousands of Android devices the world over. Cheetah Mobile, a well-known developer of Android apps and utilities is reporting that they’ve found a new malware dubbed ‘Ghost Push’. In the same post they estimate that it’s already reached more than 600,000 devices across 3,658 different brands of devices. The CM Security Research Lab has been monitoring the virus and now understand how it has been spreading and what exactly it does.
‘Ghost Push’ is essentially a malware build that installs unwanted apps on to your Android device which suck up precious resources and generally run a muck with your phone or tablet. The blog post also goes on to say that it cannot be removed easily even through “factory reset or using normal antivirus software“. It seems that the virus has come from third-party app stores that are hosting apps from developers such as Amazon and users have been downloading what they think is the legitimate version, and getting something that has been tampered with. The source link has a neat list of 39 apps that have been found to be infected and include Amazon, Happy Fishing, Memory Booster, XVideo, Whatswifi, Photo Clean, Super Mario and other apps that users are likely to download in their droves.
Both Cheetah’s Clean Master and CM Security can now identify and remove the app from your devices, but again the general takeaway here is stick with the Google Play Store. If you’re pirating games or apps that are supposed to be paid for, then it’s pretty clear something illicit is going on and you should probably cool things for a while. If you’re downloading software that is legitimate, but not available in the Play Store for whatever reason, then you should do so straight from the developer wherever possible. Those interested in learning more can take a look at the source link below, and remember, if something looks too good to be true then it probably is.