Android security researchers have revealed that thousands of famous Android apps that are hosted on different websites for download are actually injected with adware. These malicious apps automatically root the device which they are installed on. The researchers also state that such a malware is almost impossible to remove.
Lookout, a security firm, has reportedly uncovered more than 20,000 malicious apps. Such apps disguise themselves as the official version of popular apps like Candy Crush, Facebook, WhatsApp, etc. Such a disguise easily makes the users fall into the trap. Once the app has rooted the device, it becomes vulnerable to other malware attacks. Surprisingly enough, India is one of those countries that are the most-affected by such malware apps.
The Lookout report states that the hackers behind such malware simply inject the malicious code into the content of popular apps and then repackage them, ready to upload on a host website. It is impossible for a regular user to differentiate between an infected app and a non-infected app, as the malware-injected app looks exactly the same as its clean, official counterpart. The malware gains a high-level of system access, which is dangerous.
What’s more annoying is that the malware roots the device without the knowledge of the user, and it cannot be removed by simply uninstalling the app. The victims will either have to take professional help and get the device re-flashed, or they might have to buy a new device altogether. So if you are in the habit of downloading a lot of apps from a lot of different websites, learn a lesson from this report and download apps only from Google Play Store.