Once again, in the world of Android apps, we are reminded to only download applications that are genuinely authorized by Google Play Store. New research conducted has revealed an outstanding number of devices are still continuously being infected by malware.
Cheetah Mobile Security mobile research team has claimed they are responsible for several of the Android infections floating around in cyberspace. Typically, these infections are spread by means of false ads and pornography-related websites.
Ghost Push malware is not new to the Android platform. In fact, during the peak operations of Ghost Push, this malware was said to have infected nearly 600,000+ Android devices on a daily basis. However, Ghost Push continues to be a threat, rooting Android-based smartphones, as well as tablets. This is all from attempts to generate several displays of revenue-creating ads, as well as providing direct access to the user’s Android device for spying operations against unsuspecting users.
In the research, Ghost Push was updated several times throughout the last few years. With that, there are reports that at least a total of 3 different groups of this malware are being installed, well over 10,000 times each day. At this point in time, this malware can root all versions of Android, including up to version 5, also known as Lollipop.
Allowing it to root several Android versions gives the malware full access to the phone or tablet; fully installing other malicious code to carry out any attacks the hackers are wanting to perform.
For those who are using Android devices running version 6’s Marshmallow, or even the latest version 7, Nougat, you have nothing to fear – at least for now. However, it’s only be a matter of time before the creators of this malware figure out the root priority, and that they manage to apply the patch to an update in future builds to Ghost Push.
Sadly, this is the source of the initial issue. The chart below, which shows the latest figures of how many individuals are still running Android Lollipop, or earlier versions of Android, demonstrates that over 90% of active Android users are vulnerable to Ghost Push. This information is pulled directly from the Android Developers Platform Versions.
Clearly seen in the reports, Android Marshmallow adoption is on the rise. We are also hoping that Android Nougat will follow the same path. However, if comparing those who take up the later versions of Android operating systems (OS) to Android’s top competitor, Apple iOS, the results are clear. One of the systems performs much better, gaining more users to upgrade to the latest version of their respective OS. This is a rising matter in each OS attempting to protect their users from harmful malware and exploited vulnerabilities.
We have seen Apple iOS create updates and patches for their existing OS. However, this raises the question of why Android users are not updating their systems to a more secured version. The answer is in several cases, Android updates are simply not made available to users. However, if you purchase a smartphone that is made by the search engine giant Google, you are more likely to have a direct route for receiving updates within a reasonable amount of time.
The majority of issues for owners of these devices is that companies that manufacturer them, including Google, need to work within a unison mode, in order to properly update the Android versions. The problem highlights how these manufacturers don’t appear to have enough incentive to pull together and form a unison in favor of the users.
Sources: Google Play Store, Trip Wire (Ghost Push Android Infection), Android Developers, CyanogenMod.
This article (Ghost Push –Still Taunting Android Users) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.
