“Godless” Android malware

Malware isn't something new to smartphone operating systems, especially Android. Sometimes, it's even a point of criticism for Google's platform. There are, however, few exploits, like Stagefright and Heartbleed, that have users, developers, and security researchers scrambling. The new "GODLESS" family of malware, reported by software security firm Trend Micro, seems to be bent on becoming one of those, secretly rooting infected devices and opening them up to further compromise, which is practically any device running Android 5.1 Lollipop or older.

GODLESS actually uses already existing exploit tools so it isn't completely new. Its methods and aggressiveness, however, make it noteworthy. In the bad sense, of course. It doesn't rely on a single exploit but uses multiple ones to get the job done. While some of those exploits are known to already be deprecated, some, like the Towelroot and PingPongRoot exploits, remain unpatched on certain Android versions.

GODLESS is also cunning in the way it takes hold of a smartphone. It waits until the user turns off the device's screen so that it can proceed without showing any visible signs. It uses those exploits to root the device without the user's knowledge or consent. Once that's done, the sky's the limit for the malware user. In most cases, it contacts a remote server to install more apps and malware behind the user's back. Worst case scenario, it could even start spying on the user and pilfering sensitive personal information.

In the past, malware using the same tools that GODLESS uses shipped with the file for exploiting the device's security. GODLESS, however, downloads the payload from a remote server and itself doesn't contain the files. That allows infected apps to bypass the Google Play Store's automatic malware detection.

Although already destructive by nature, GODLESS' severity worsens with its reach. The exploits it uses have only been plugged up in Android 6.0 Marshmallow. As of June 6 this year, only 10.1% of devices in the market use that version, leaving 90% vulnerable. In Trend Micro's survey, the malware family wreaks its havoc most in Asia, particularly in India.

GODLESS-infected apps find their home outside of official Android app stores, though in one case it might indirectly affect even legit clean Google Play Store apps. Some infected apps are able to use the same developer certificate as the clean app, which users might use to install or update over the clean ones.

It is therefore highly recommended to install apps, or even update them, only from certified and trusted sources. But even then, care should be taken when installing unfamiliar utility apps that might very well be infected.

Source: trendmicro
Nice share
Nice one!
pajji replied at 2016-06-26 15:26 Thanks bro
Pulak replied at 2016-06-26 15:24 Thanks dude
Worst part is India is the most infected country @pajji @pulak
viki4vikram replied at 2016-06-26 15:32 Pirated s/w is one of the main reasons and of course rooting without proper knowledge
I seriously have a hard time understanding how people can be so stupid, all you need is some common sense to avoid these 99% of the time. And no, the "pirated apps" excuse doesn't work, I've only ever paid for 2 apps since 2012, everything else "pirated" (let's be honest, free apps are one of the main reasons to use android for) and never had any issues.
But yeah if there weren't any ***s exploiting people's stupidity there would be no problems, there's nothing I hate more than that kind of guys.
Onohara replied at 2016-06-26 16:24 Yeah.. agreed.. especially with this point - free apps are one of the main reasons to use android for
meizy will patch it next year, lol