Friday, March 2, 2018

Android Malwares – Ghost push

Résultat de recherche d'images pour "Android Malwares"

Malwares are softwares or applications which you do not want to be installed. Malwares bring viruses to your device and also a threat to your security.

Ghost Push is a family of malware that infects the Android OS by automatically gaining root access, downloading malicious software, masquerading as a system app, and then losing root access, which then makes it virtually impossible to remove the infection even by factory reset unless the firmware is reflashed. The malware hogs all the system resources, making the phone unresponsive and draining the battery. Advertisements continually appear either as full or partial screen ads or in the status bar. Unwanted apps and malicious software are automatically downloaded and installed when connected to the internet. The malware is hard to detect.

It was discovered in September 18, 2015 by Cheetah Mobile's CM Security Research Lab. 

Further investigation of Ghost Push revealed more recent variants, which, unlike older ones, employ the following routines that make them harder to remove and detect: 

  •  encrypt its APK and shell code,
  •  run a malicious DEX file without notification,
  •  add a “guard code” to monitor its own processes,
  •  rename .APK (Android application package) files used to install the malicious apps,
  •  And launch the new activity as the payload.
.Source: https://en.wikipedia.org/wiki/Ghost_Push

I am a victim of this malware too and it took me a week before I discovered the tool to remove this malware.

How is this part of hacking? 

This Malware is created by hackers to steal your personal information on your device. Protecting yourself from these hackers is an important thing to learn. 

Let’s get started! 

If you think that you are infected, Download and install “Stubborn Trojan Killer” by Cheetah Mobile on Google Play store. Run the app, then let it decide if you are infected or not and how to fix it. If Stubborn Trojan Killer prompts or asks for root permission, please grant it.

0 comments: