New form of malware could permanently infect a phone

If there was ever a reason to invest in security software, it may come from a new type of malware that once infected never leaves your phone, and can’t be removed until you go get a new one.

Here’s a security issue that could scare any phone owner into buying internet security software pronto, particularly those people in the Android ecosystem who might be doing a bit of a dodge and looking for apps outside of the Google Play Store.

Security company Lookout has recently put up information on a new type of malware that borders on terrifying for phone owners, with the virus not only able to hack into your phone and gain ownership “root” access, but also make it impossible to remove the security exploit once installed. That means a virus-free phone could be impossible unless a new phone is purchased once this virus takes over your device.

The exploit appears to be a new style of hack and is perpetuating itself as official apps around the web, though these tend to come from app stores that are less than official.

As such, if you’re trying to get Candy Crush, Snapchat, Twitter, WhatsApp, and even Facebook from a website outside of the official Google Play store, you may be receiving a fake that has the power to turn your phone into a death trap.

It won’t make it explode, but what it can do is bury itself deep inside your phone, running ads under your phone and making money for the cyber criminal that has developed it. Worse, because your security has been compromised, information may be tracked or uploaded from your device to some place else, potentially sending otherwise secure information to another computer around the web.

While there is no easy fix if you do get infected, the solution to this type of exploit comes before you do, and it’s in internet security software which should be on every mobile and computer (but mobiles are the important one in this story), as well as not going outside of the official Google Play stores if you can on Android, unless you know what you’re doing.

security-virus-malware

“Kaspersky has encountered and put protections mechanisms in for many similar malicious applications,” Kieran Cook, Security Researcher at Kaspersky, adding the he called them “malapps”.

“In Q3 of this year, Kaspersky identified that these Trojanized Malapps accounted for more than half of the Top 20 most popular malapps,” with Cook telling GadgetGuy that threats like these generally arrived from users grabbing the apps from unofficial sources.

Cook has said much the same as we have on this manner, advising to only use Google’s Play Store and to keep a form of Android security app on a phone, but did warn that iPhones aren’t immune either from this style of attack.

“This sounds similar to the recent xcodeghost malware which affected many iOS device applications,” he said. “The root cause of this event was when developers used Xcode, the iOS App development toolset from a source other than Apple’s official distribution.”

In that situation, developers had relied on a hacked copy of the program used to make iOS apps for iPhone and iPad, allowing a piece of malware to be run on their devices, but the key in all of this is the unofficial app sources.

Basically, the logic is that you shouldn’t be getting your apps from any place but the real places, because if you go outside the box and don’t quite know where your apps come from, you might land yourself in hot water and have to buy a new phone to escape.