A new family of malware, known as Godless, has been discovered as a serious exploit that leaves “virtually any Android device running Android 5.1 (Lollipop) or earlier,” vulnerable. That’s nearly 90% of all Android phones.
Researchers at Trend Micro Labs have uncovered a new family of mobile malware, aptly named Godless (detected as ANDROIDOS_GODLESS.HRX), that can virtually exploit any Android device running on Lollipop or earlier. Alarmingly, that’s nearly 90% of all Android devices currently being used around the world.
If that isn’t terrifying already, malicious applications that spread the malware were located by researchers on various app stores, including the biggest Android app store of them all – Google Play. The numbers get worse. The malware has already nearly a million devices around the world.
Rooted in Hell
The malware uses the open-source rooting framework called android-rooting-tools, a toolkit which typically bestows advanced admin and root privileges to its users. Or in this case, the malware.
The malware, in addition to the potentially devastating root privilege, can also receive malicious instructions from attackers to then download and install other malware applications in the background. While such threats typically end with unwanted apps and ads, they can also be wielded to install backdoors on targeted users.
When a user unknowingly installs the malicious application, the malware pauses, waiting for the screen of the targeted device to be turned off. The malware then proceeds to root the device. Following the rooting procedure, the payload is installed as a system app. This particular action makes the malware even harder to remove.
Some of the malicious applications spreading the malware include utility apps such as flashlight apps and Wi-FI apps.
Trend Micro recommends that users always check to see a developer’s credibility before installing any application. The cybersecurity firm has not listed a fix. It’s blog post read:
There is absolutely nothing wrong with rooting one’s mobile device. It can have several benefits in terms automation, performance, and basically getting the most out of a device. But when a malware roots a phone without a one’s knowledge, that’s where the fun stops.
Image credit: Pixabay.