Well, this is slightly terrifying. A family of apps has been discovered that is capable of running rooting exploits that work on essentially any device running Lollipop or older versions of Android. What makes matters worse is that some of these apps are located in the Google Play Store, a place that is generally regarded as a haven of safe, well-vetted apps. They’re calling this family of malware “Godless.”
Since the Android ecosystem is so fragmented, around 90 percent of Android devices are vulnerable to this malicious software. Godless apps have been installed on an estimated 850,000 devices so far, striking India, Indonesia, and Thailand hardest of all. The US isn’t safe, however, as something like 17,000 Godless downloads have arrived on stateside devices.
These apps are able to access a heavy index of known exploits once they are installed on your device. After gaining root access, they are then capable of quietly installing further malware on your device. They can also receive remote instructions that can allow a malicious user to harvest personal data or control your device. These apps are also using infected phones to give apps in the Google Play Store ratings and reviews, artificially inflating the ranking of certain apps.
Godless apps will wait until the screen is off before they run their rooting routines. Once the process is completed, they are proving very difficult to remove. Researchers have discovered that many of these apps have benign counterparts in the Google Play Store. They believe it is possible for users to download a harmless app, only to later have it upgrade to a malicious version without the user’s knowledge.
What do you think of this recent security concern in the Android ecosystem? Give us your thoughts in the comments below.