A deadly Android virus has been found to have affected 20,000 third-party marketplace apps according to a report by security firm Lookout. The virus was discovered embedded in popular user-uploaded applications like Facebook, Twitter and Instagram across third-party marketplaces in places like China, where the official Google Play Store is unavailable.
The virus is a form of adware and comes in a few variations: Shuanet, Shedun and Shiftybug – all of which have a similar mechanism of action. Piggybacking off popular applications installed onto user’s phones, the virus unleashes code, granting itself system access and making it impossible to remove without a user reflash of the device.
The application thrives on the forced imposition of advertising on user phones, generating a continuous irremovable revenue stream for the virus publishers.
Important to note in this incident is that third-party app stores are not, in and of themselves, the problem. Third-party app stores vary in their level of security and the extent to which they scrutinize user-submitted apps. AllChinaTech recommends downloading apps from trustworthy sources to safeguard against the possibility of installing virus-infected apps.
To those who say that this phenomenon is exclusive to Android OS, it was not so long ago that Apple’s iOS was affected with the sneaky malware XcodeGhost, which was downloaded onto user phones through apps found on Apple’s App Store. Hundreds of millions of users were reported to have downloaded the estimated 344 apps tainted with XcodeGhost malware, included among the apps were Tencent’s popular ‘Wechat’ messaging app, China’s leading ride-hailing app Didi Chuxing and Angry Birds 2.
(Image source: Naid)