20,000 Samples of Irrevocable Android Adware

willmtaylor

macrumors G4
Original poster
Oct 31, 2009
10,193
7,722
Here(-ish)
Yikes:
"Auto-rooting adware is a worrying development in the Android ecosystem in which malware roots the device automatically after the user installs it, embeds itself as a system application, and becomes nearly impossible to remove. Adware, which has traditionally been used to aggressively push ads, is now becoming trojanized and sophisticated. This is a new trend for adware and an alarming one at that.​

Lookout has detected over 20,000 samples of this type of trojanized adware masquerading as legitimate top applications, including Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others."
Additionally:
"To add insult to injury, victims will likely not be able to uninstall the malware, leaving them with the options of either seeking out professional help to remove it, or simply purchasing a new device."​


https://blog.lookout.com/blog/2015/11/04/trojanized-adware/

Not good.
 

sracer

macrumors G3
Apr 9, 2010
8,355
8,712
Prescott Valley, AZ
Considering the manual steps required to root most Android devices, I'm skeptical of the claims. But if it is true, then it would be nice for someone to develop a legitimate one-button app to root a device. :)
 
  • Like
Reactions: jamezr and iSheep5S

JackieInCo

Suspended
Jul 18, 2013
5,178
1,584
Colorado
Considering the manual steps required to root most Android devices, I'm skeptical of the claims. But if it is true, then it would be nice for someone to develop a legitimate one-button app to root a device. :)
There is a one step process for Nexus devices. I used the Nexus root toolkit to root my Nexus 4 and 7 this week. I also used the Android toolkit to simply press one button and downgrade both of those devices within minutes from Lollipop to KitKat. Easiest thing I ever did.
 

mrex

macrumors 68040
Jul 16, 2014
3,284
1,350
europe
what happens when i go to a dark alley and drop my pants down while using my iphone?

can i be infected after jailbreaking? ;)

so... should i jump from the balcony now? during these years i havent seen any malware on my android phone/tablet/tvbox. am i doing something wrong? should i tap the box "install from untrusted places", and even when getting a warning msg, just pass it by clicking OK, and then surfing to a chinese/russian websites and installing the most wanted expensive app for free?

i definitely misused my devices because never been participating malware party...

and definitely i have to start reading news provided by a business selling security softwares.
 
Last edited:

mi7chy

macrumors 603
Oct 24, 2014
5,951
6,916
I see this more of a scare tactic considering Lookout sells a subscription service. A lot of devices haven't gotten root even with a paid bounty and usually gaining root requires tethering to a PC. Android hasn't experienced anything like the Fappening on iOS where pictures of owners' orifices were leaked on the internet so I'm not concerned. Worst case you can always reflash the factory firmware contrary to Lookout claiming that you can't recover.
 
Last edited:

kasakka

macrumors 68020
Oct 25, 2008
2,064
735
This affects only rooted devices correct?
Sounds more like the app itself roots the device and then installs itself as system app which makes it harder to remove. You would of course have to agree to install the app itself first and this is only going to happen if it masquerades as something else first.
 

chagla

macrumors 6502a
Mar 21, 2008
793
1,005
rooting android involves a few steps.. im curious to learn the exact process of how these apps root automatically.

in any case, you can use a firewall app, block all network access except your browser and other legitimate apps that need network access.