The Ghost Push malware continues to circulate in the wild and has been detected infecting Android apps to compromise user mobile devices. Researchers at Trend Micro say the new variations are more difficult to detect and are pushing the malware epidemic to another level, with earlier research suggesting Ghost Push is infecting 600,000 users per day.
The malware enters mobile devices through users downloading malicious apps offered by third-party hosts rather than the official Google Play Store.
Further investigation has revealed Ghost Push is now being modified and over 20 variants of the malicious code is in the wild. The researchers say the new strains are more difficult to detect and eradicate as the variants not only encrypt their Android application package file (APK) and shell code, but also renames the .APK file used to install malicious code.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now