BENGALURU: A new type of malware called Ghost Push, which hides itself inside popular apps, is affecting 158,729 devices in India, according to Cheetah Mobile Security Research Lab.
While globally Samsung suffered most, in India Micromax had around 55,444 devices being infected, followed by 19,984 of HTC and 9,905 Samsung devices. Globally, Ghost Push has infected 10,000 phone types and 2,742 brands.
In September 2015, the research lab had warned Android users against this malware which has multiple variants and has so far affected more than 900,000 Android users (ranging from 2.3.4 to 5.1) in over 116 countries. Experts from the Cheetah Mobile Security Research Lab found that behind this virus family is an illegal mobile marketing industry chain who make 4.05 million dollars every day.
This Trojan mainly resides in popular games, tools and social software, including Talking Tom3, Super Mario, Amazon, and more. Cheetah Mobile experts believe that the attack might originate from China. So far, virus samples have been found in Google Play, Aptoide, mobogonie and other popular app stores.
The virus developers have repackaged popular apps and injected malicious code and ad components into them. The repackaged malicious apps are then released into legitimate app markets and made available to massive numbers of users who are keen to download these (disguised) popular apps. According to Cheetah Mobile, these developers can make an average of $1.50 every time the virus installs an application on a smartphone.
This virus family has gained automatic root permission thereby making it nearly impossible to remove. Clean Master and CM Security have developed a mechanism to deal with the virus called the Ghost Push Trojan Killer.