Recently, the researchers have just discovered more than 20.000 samples of applications from Google Play, including the registered applications like Facebook and Twitter, are infectious with malware such as Trojan and Adware to add advertisement. The hackers would “break into” the apps, reform the code and infect them with the malware. And then they will redistribute to a third party market. For users, these reproduced apps look all the same with the official apps, so they will install the apps as normal and get into trouble. Lookout Security Company stated that some infected apps can still fully function as normal, but bonus the malicious code!
The bugs are really malicious that they are equipped with multiple root exploits the overcome the firewall of the security mechanism. In other words, the security mechanism can fix a gap to avoid being attacked by the malware but it can automatically change the target and find other weakness to penetrate. It is said that the ShiftyBug has at least 8 separated root exploits.
More than 20.000 samples of some applications are infectious with Trojan and Adware
There are 3 kinds of malware called Shedun, Shuanet and ShiftyBug. Each of them is equipped with the ability to exploit the gap in the security system. Once the mobile phone is infected with the malware, it’s show time for them to obtain the root, which is considered to be the highest privilege in operating system. After that, the malware will disguise as a system application and install itself in to the operating system. The security company Lookout stated that “For individuals, getting infected with Shedun, Shuanet, and ShiftyBug might mean a trip to the store to buy a new phone” to emphasize on the severity of these bugs.
At present, the effect of these malware is just trivial that they allow displaying the unwanted advertisement. However, if they can make them themselves into the operating system and get the root, they can do even more like get access to the personal information or allow the download and installation of other harmful malware. Moreover, they can adjust the resources in your phone that is not allowed by the normal applications. At first the researchers can’t figure out why they have to use such software just for displaying advertisements. After that, they discover that thousands of applications are infected with malware. Then it must be a purposeful plan by the hackers.
Google Play is a legitimate source of applications but it doesn’t mean that there’s no infectious app on it. But it’s much safer for you to download apps from Google Play than any third party market. So don’t make yourself a victim of bugs by downloading the apps with clear origin.
The trace of bugs can be found all over the world in the US, Russia, German, Brazil, Mexico to Indonesia. We hope that the cure for bugs will be found soon for the sake of user’s safety.