New Android malware type gets root-level access, almost impossible to remove

If you thought the Android platform was on the verge of getting more secure following this summer's Stagefright exploit, you thought wrong. The security researchers at Lookout have identified a new type of Android malware that, after disguising itself as a popular app, gains root access to a device and works itself so deep into the operating system that it's nearly impossible to remove. Users might need to have manufacturers reflash the OS, or just flat-out replace the device, as a factory reset won't be enough.

Lookout explains that the malicious apps, which are often found on third-party app stores, can even use official software code to appear more like the apps they are impersonating. While some do nothing but display ads, there are others that actually function as they should, even while infecting a user's device.

Once the malware, known as Shedun, Shuanet, and ShiftyBug, gets onto a phone, it gets root-level access, then installs exploits that appear as system apps. This is what makes it nearly impossible for ordinary users to get rid of them, and even those who know their way around the OS will have a difficult time.

Lookout says they've already identified 20,000 apps with the modified code, originating from a wide range of countries. They add that there's no sign the malware has made its way onto the Google Play store, so as long as users stick to the official marketplace they should be fine. Those who choose to root their device, however, need to be very careful with what they download.

SOURCE Lookout