Malware in the Android ecosystem has been a major problem this year. Now, it appears that an old malware, called Ghost Push, is still haunting more than 80 percent of the Android smartphones. And, the user base in India is the most affected.
A report published on the mobile security company Cheetah Mobile's website takes a deep dive into the problem of trojans or malware that put Android smartphones at risk. The report suggests that there are three specific types of malware belonging to the Ghost Push family that are being installed in mobile devices over 10,000 times every day.
The biggest source of malware are apps downloaded from the Google Play Store, with unsigned apps being the second biggest source. These trojans frequently prompt users to install new applications that contain malware. Even popular apps, such as Firefox, MX Player, ES File manager and others, are sources for malware links.
The report indicates that Asian countries are affected by malware the most. With over 50 percent affected smartphones, India tops the vulnerability chart. Indonesia and Philippines are ranked 2nd and 3rd respectively.
For now, the Ghost Push trojan only affects smartphones that are running Android versions below Marshmallow 6.0. And, according to latest figures, almost 82.3 percent of Android phones are still running on Lollipop or versions below it.
The trojan not only pushes user links in apps, but sometimes there are unsolicited notifications and popups as well. It uses deceptive pages and pornographic images and links to lure users into downloading the malware. Short links and ads are the major paths leading to malware.
The malware then gains access to the phone's root privileges and can have complete control of the phone as well.
Earlier this year, a vulnerability named QuadRooter was discovered which supposedly could potentially put more than 900 million Android smartphones at risk. The phones affected by QuadRooter could be completely controlled by the hacker.