‘Godless’ Android malware spreading rapidly in INdia

Your Android device might not be as safe as you think. Android users have reason to fear “Godless,” a new family of malware targeting Android mobile devices that has been detected by digital security firm Trend Micro, the company said yesterday. The malware, named after the ANDROIDOS_GODLESS.HRX filename it uses, uses multiple exploits to root users’ devices. The ‘Godless’ malware has affected over 850,000 devices worldwide with half of them being in India.

What is  a malware?

‘Malware’ is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software.

Godless Malware installs unwanted apps on phone without users knowledge

Godless hides inside an app and exploits the root of the operating system on your phone. This creates admin access to a device, allowing unauthorised apps to be installed.

“It contains various exploits to ensure it can root a device and it can even instal spyware,” the report warned.

 By gaining root privilege, Godless can connect to a command-and-control (C&C) server capable of delivering remote instructions that force the device to download and install additional apps without the user’s knowledge. At best, a user receives unwanted apps on the phones. At worst, the same technique can be used to install a backdoor or spy on the user.

Zhang said that a hacker can use that capability to design a malicious app containing a local exploit binary to fetch the payload from the C&C server, allowing the malicious app itself to pass security checks performed by app stores such as Google Play.