This malware seem to have already gone viral and out of control, targeting over 850,000 Android devices that had been affected.
There had been confirmation by TREND MICRO (a Security firm) that the new malware is known as “Godless” (ANDROIDOS_GODLESS.HRX) that especially targets Android devices having a set of rooting exploits in its pocket, it uses multiple methods to exploit and can attack virtually devices running Android Lollipop or lower versions.
How the Godless Android Malware attacks:
It was found out that the malware utilizes the open source android-rooting-tools framework, which contains exploits for well-known vulnerabilities such as PingPongRoot and Towelroot.
Once it finds its way onto a device and roots it, the malware installs a backdoor for remote access that can be used to download unwanted apps and advertisements, as well as apps that can spy on users.
The malware is distributed via infected apps, even those on PlayStore are not innocent of it. As it aslo exists on utility apps like your Flashlight, Wi-Fi apps and exists in some popular games. One app was unleashed to have the malware, the malicious app is known as “Summer Flashlight” that contains the malicious Godless code.
Interestingly, Trend Micro also unveiled that there are clean apps on the Play Store that contain the same developer’s certificate through which the malware can be distributed. Once any upgrade is made, the user may be attacked by the malware without knowing it.
As much as clean Apps may be affected on Playstore, it is advised that users should always have antivirus apps installed and also practice safe browsing and installation of popular games and apps by using only trusted stores on Amazon and Google Play. They’re advised to also carefully look out for app reviews.