Lookout has now uncovered a malware that pretends to be any of a range of very popular apps.
Lookout, a mobile security company based in San Francisco, has announced that it has discovered a new type of malware threat to devices running on the Android operating system.
This time, it is a form of malware that disguises itself as certain trusted and well-known applications.
Unfortunately, it actually opens the user up to a considerable mobile security risk as it exposes the device to root attacks. Moreover, once it has made its way into the gadget, it is nearly impossible to remove. Though this doesn’t affect people who download their applications from Google Play, it has been discovered in mobile apps that can be downloaded through third-party app stores. Among the titles the malware pretends to be includes: Facebook, Twitter, Candy Crush, Snapchat, WhatsApp and Google Now.
There were around 20,000 instances of this mobile security threat isolated by Lookout in its research.
As the versions of these popular mobile apps that are infected by the malware have been discovered exclusively in third-party app stores, the firm has stated that people who download exclusively from Google Play can more than likely assume that they are free of this infection.
What makes this mobile malware even more challenging is that the majority of the infected applications still work in the exact same way as the legitimate versions. Therefore, it becomes exceptionally difficult – if not impossible –for a regular user to be able to detect the infected ones and therefore, to know which ones to uninstall. Moreover, when root access to a mobile device has been obtained by way of the malware, the app can automatically download and can fully intertwine itself into the operating system.
This makes it very difficult for an expert to delete it and essentially impossible for an untrained user to remove it. Once the infected app becomes activated, it pushes ads into the device of the user and poses a mobile security threat. Lookout explained that it continues to operate in the background and cannot be uninstalled by the majority of users, either forcing them to buy new devices or to have to take the gadgets to IT professionals to have the malware removed.
