Trend Micro has detected a family of mobile malware called Godless (detected as ANDROIDOS_GODLESS.HRX) that functions with a set of rooting exploits. Using these multiple exploits, Godless can target virtually any Android device running on Android 5.1 (Lollipop) or earlier. Today, almost 90 per cent of Android devices run on affected versions.

The malicious apps related to this threat can be found on prominent app stores, including Google Play, and has affected over 850,000 devices worldwide, based on the data gathered from the Trend Micro Mobile App Reputation Service.

Godless hides inside an app and uses exploits to try to root the OS on your phone. This causes admin access to a device, allowing unauthorised apps to be installed. It contains various exploits to ensure it can root a device, and can even install spyware. A newer variant can also bypass security checks at app stores such as Google Play. Once the malware has finished its rooting, it can be tricky to uninstall, the security firm said.

Trend Micro has also found various apps in Google Play that contain the malicious code.

The apps that have this new remote routine range from utility apps (flashlights and Wi-Fi apps) to copies of popular games. Some apps are clean but have a corresponding malicious version that shares the same developer certificate. The danger there is that users install the clean app which then upgrades to the malicious version without their knowledge.

Download certified apps only

So far, Trend Micro has seen 850,000 affected devices, with almost half in India and more in other South-East Asian countries. Less than 2 per cent were in the US.

"When downloading apps, regardless if it’s a utility tool or a popular game, users should always review the developer. Unknown developers with very little or no background information may be the source of these malicious apps. It's also best to download apps from trusted stores such as Google Play and Amazon. Users should also have secure mobile security that can mitigate mobile malware,"  Nilesh Jain, Country Manager- (India and SAARC), Trend Micro, said.

comment COMMENT NOW