Newly Discovered Auto-Rooting Android Adware Is Impossible To Remove
Google joined hands with different manufacturers to bring security patches for Android devices the world over that are delivered on a monthly basis. But while the initiative is all well and good, it's worth noting at this point that ill-intentioned individuals are doing all they can to make sure that they break past the security measures put in place to harvest as much personal information they can from a user, or target them using adware. Case in point, a new type of adware has been discovered in a wild, and it's so nasty that it forces a user to buy a brand new phone if they're willing to get rid of it for good.
According to security firm Lookout, they have uncovered a new family of adware for Android which gains root access to a device and installs itself on a system level, while also disguising itself as a system app. This means that even if you reset your handset or tablet, the traces of the adware will still remain there and there's nothing you can do about it, subsequently forcing the user to invest in a new handset instead if they're looking to bring things back to normal. And since the adware gains root access to the device, this also means that it poses a big security threat to the user itself, leaving all their data to be compromised.
The way the adware is packaged is no rocket science but it's a carefully planned out scheme. Legit apps, such as the official clients of Facebook, Twitter etc. are downloaded from the Google Play Store and then repackaged in such a way that they contain traces of the new adware. The newly packaged apps are then made available to download through third-party channels apart from the Play Store itself. Once downloaded and installed, things take of from there, in a bad way of course.
Like legit apps, you can simply uninstall the infected apps and you will not come across any sort of alert whatsoever, but the traces of the adware will remain on the device no matter what you do. The adware works silently in the background doing as much damage as it possibly can.
Lookout has found over 20,000 legit apps being disguised as the trojanized adware, and includes big name apps such as "Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others."
What can you do to protect yourself from this adware you ask? It's simple - stick to the Google Play Store for downloading apps and games, and make sure that you uncheck the 'Unknown sources' box by navigating to Settings > Security.