Why should you update your Android device’s operating system? Two words. Ghost Push.

The well known trojan has had various iterations and it’s often updated to bypass new security updates.

At its peak, Ghost Push infected over 600,000 Android devices daily, a colossal number. The trojan is capable of rooting phones, displaying revenue-generating ads that drain your battery, and can be used by hackers as a means of spying on the infected party.

When infected, it is virtually impossible for the device’s owner to remove the virus, even by factory reset, unless the firmware is reflashed.

This is not an easy malware to get rid of.

The good news? A simple update of your Android operating system can make your phone much less penetrable to this type of malware.

However, even though Android has released version 7, Nougat, of its OS, there is still cause for concern. Recently released figures show that Android users are slow on the uptake when it comes to updating their OS. The majority of users are still running Lollipop, or earlier, meaning that they are vulnerable to the Ghost Push virus.

The latest iteration of the Ghost Push trojan.

In fact, the latest iteration of the Ghost Push trojan, which was discovered in September 2015, can infect devices running on Android Lollipop (version 5) or any of the OS that came before it.

In a recent blog post, Graham Cluley drove home the issue, emphasizing the root of what, on the surface, should be an easy problem to rectify. He said, “when you compare the take-up of new versions of Android compared to Apple iOS it’s clear that one ecosystem does a much better job of getting its users to upgrade to the latest version of their OS, protecting against security vulnerabilities, than the other.”

There’s a reason for this. Whereas Apple has its own integrated app store, for Android it’s a different story. In their case, carriers, smartphone manufacturers and Google all have to work together to get a new update out to users. As such, the process takes longer, and updates are rolled out with much less frequency than they are for iOS.

Android Users

This, unfortunately, has a knock on effect that only serves to make Android users even more vulnerable. As Cluley puts it, Android users end up feeling abandoned, and this leads to many of them venturing “into the cloudy waters of installing third-party ROMs like CyanogenMod that receive regular updates.”

Recent research, also looked at the type of links that delivered the malware to users. Most were short links and ad links. The country most hit by the trojan infection, meanwhile, was India with more than 50 per cent of infections. Indonesia and the Philippines rank second and third, showing that the trojan is most prevalent in Asian countries. This doesn’t mean it’s not a threat in North America and Europe, though.

Be aware

Putting your trust in third-party sources can of course be risky, and that’s where infections like Ghost Push can be unwittingly installed by users. It’s important to be aware of what’s being installed.

Unfortunately installing third-party ROMs and applications can often lead to the installation of unwanted malicious malware and even ransomware. Android users should do their best to only download applications from reputable app stores and should avoid clicking on those suspect unknown third-party links, however tempting the proposition.

The post ‘Ghost Push’ Malware Threatens Android Users appeared first on Panda Security Mediacenter.