Experts from the anti-virus firm Lookout found non-removable standard methods the virus on Android. This was reported in the company’s blog.
The experts found 20,000 malicious applications that are disguised as popular applications and services: Candy Crush, Facebook, GoogleNow, NYTimes, Snapchat, Twitter, WhatsApp. After downloading an infected application virus rutuet system (gets root access) and quietly operates in the background, while the program for the user to work as usual.
For the user, the virus becomes Undelete: The unit can not be cured by uninstalling installed programs or reset the system to factory settings in which there is to reinstall the operating system. In case of infection, experts advise Lookout or seek professional help, or buy a new device.
As emphasized by the researchers, the Trojan can be picked up only by downloading third-party application stores. This Google Play – official store – is located above suspicion. In the risk zone of the US, Germany, Iran, Russia, India, Jamaica, Sudan, Brazil, Mexico and Indonesia.
Number of researchers have identified three types of malware, works in a way. Shuanet holds avtorutovanie devices and hides in a file directory. Kemoge (or ShiftyBug) also rutuet smartphone and puts applications with malicious code. Shedun (or GhostPush) – runs along the same lines. Typically, applications are not allowed access to the system files to other applications, but if the virus was Ruth access, this restriction is removed.
At the same time together all three types of Trojan are identical 70-80 percent, may indicate that they belong to one or more attackers.