Ghost Push Malware Infect More Than 600K Users Daily

Cheetah Mobile security researchers uncovered a new malware that is infecting 600,000 Android users daily. the malware is called Ghost Push and up to now it is circulating using non official Google app stores. The current estimation of compromised devices is 14,847 that is distributed across Europe, Russia, the Middle East region, and southern China.

There are more than 30 malicious application that include Ghost Push and claim to enhance the wireless connection while its main purpose is to give control to cyber criminal on the device so they run advertising campaigns , download other malicious applications or root the phone and install the Trojan in the ROM.

Ghost Push

Countries infected with Ghost Push

User should be careful with similar type of malware because it will be hard to remove when it install itself on the ROM. this makes the malicious code hidden from any security software that will be running on the system. application detected with this trojan are WiFi Enhancer, PinkyGirls , WordLock , SettingService , Sex Cademy, TimeService , XVideo Codec Pack , Fast Booster , boom pig , iVideo , Indian Sexy Stories 2 , Amazon and more.

Cheetah Mobile recommend user to install Stubborn application from google play which will remove Ghost Push malware. while if your device is infected it will be part from a wide zombie network and can be used for more stealthy purposes by cyber criminal so it is important to make the following:

  1. Make sure to download the application from Google Play store
  2. Install a good antivirus that will protect your data and secure your device
  3. Keep all your application and software updated to fix any vulnerabilities
  4. Don’t install random apps that you didn’t download

Hope this will help to keep your Android smartphone safe.

Share