Even if you don't download and install apps on your Android device from untrusted sources, your Android handset might still be affected with a newly found malware called Ghost Push. The Trojan-style malware has managed to find its way to Google Play by hiding itself inside apps.
Ghost Push has infected more than 900,000 Android devices so far, reports Cheetah Mobile, the developer that also discovered the malware. If that wasn't scary enough, the malware obtains root access to the affected device and installs more malicious apps and a never ending stream of ads. The affected apps include Talking Tom 3, Easy Locker, Privacy Lock, Calculator, and Assistive Touch among others.
The team at Cheetah Mobile estimates that criminal behind Ghost Push make around $4 million (roughly Rs. 26 crores) every day from it (thanks to the ads). The firm further noted that most security suites are unable to detect the malware. The firm has, do note, made a tool that detects and removes the said malware.
The malicious code hides itself insides apps and manages to bypass the security measures set by Google. This isn't the first time Google has fallen short from preventing similar mishaps. Earlier this year, security firm Avast reported several malicious apps in the store that affected millions of Android users. Another security firm Symantec went a step ahead and claimed that one in five Android apps the Google Play Store is malware. In July, it was revealed that Hacking Team had also found a way to bypass Google Play Store's measures. However, what's even more alarming is that Ghost Push manages to root devices, which enables it to install more malicious apps.