Software:Ghost Push

From HandWiki
Revision as of 08:52, 9 February 2024 by JTerm (talk | contribs) (fix)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Ghost Push is a family of malware that infects the Android OS by automatically gaining root access, downloading malicious and unwanted software.[1][2] The malware appears to have been discovered in September 2015 by the security research lab at Cheetah Mobile, who subsequently developed diagnostic software to determine whether a device has been compromised.[3] As of September 2015, twenty variants were in circulation.[4] Latter day versions employed routines which made them harder to detect and remove.[1] The malware hogs all the system resources, making the phone slow, draining the battery and consuming cellular data.[3] Advertisements continually appear either as full or partial screen ads or in the status bar. The applications installed by the malware appear to be difficult to remove, impervious to anti-virus software and even surviving a factory reset of the device.[2]

Infection typically comes via downloading applications from third-party app stores,[4] where at least thirty-nine applications have been identified as carriers.[3] At its peak, the Ghost Push virus infected more than 600,000 devices daily,[3] with 50% of infections occurring from India, as well as from Indonesia and the Philippines, ranking second and third.

The malware was discovered in September 2015 by Cheetah Mobile's security research lab.[2][3][5][6][7]

References

  1. 1.0 1.1 Yang, Yang; Pan, Jordan (30 September 2015). "New "Ghost Push" Variants Sport Guard Code; Malware Creator Published Over 600 Bad Android Apps". Trend Micro. http://blog.trendmicro.com/trendlabs-security-intelligence/new-ghost-push-variants-sport-guard-code-malware-creator-published-over-600-bad-android-apps/. Retrieved 18 May 2019. 
  2. 2.0 2.1 2.2 "'Ghost Push' Malware Infects 600K Android Users Daily". tripwire.com. 22 September 2015. http://www.tripwire.com/state-of-security/latest-security-news/ghost-push-malware-infects-600k-android-users-daily-say-security-researchers/. Retrieved 2016-01-09. 
  3. 3.0 3.1 3.2 3.3 3.4 Yeung, Ken (18 September 2015). "Cheetah Mobile: 'Ghost Push' Android virus infects 600k+ users a day with unwanted apps". VentureBeat. https://venturebeat.com/2015/09/18/cheetah-mobile-ghost-push-android-virus-infects-600k-users-a-day-with-unwanted-apps/. Retrieved 18 May 2019. 
  4. 4.0 4.1 Neal, Dave (1 October 2015). "Ghost Push malware is putting the willies up Android users - TheINQUIRER". London: Incisive Business Media. http://www.theinquirer.net/inquirer/news/2428494/ghost-push-malware-is-putting-the-willies-up-android-users. Retrieved 18 May 2019. 
  5. "How to avoid the new Android "Ghost Push" virus | One Page | Komando.com". komando.com. Archived from the original on 2015-09-23. https://web.archive.org/web/20150923185741/http://www.komando.com/happening-now/326607/how-to-avoid-the-new-android-ghost-push-virus/all. Retrieved 2016-01-09. 
  6. "Ghost Push malware can root devices and install unwanted apps - here is the fix". androidauthority.com. 13 October 2015. http://www.androidauthority.com/ghost-push-malware-root-apps-fix-648735/. Retrieved 2016-01-09. 
  7. "'Ghost Push': An Un-Installable Android Virus Infecting 600,000+ Users Per Day - The world's leading mobile tools provider". cmcm.com. http://www.cmcm.com/blog/en/security/2015-09-18/799.html. Retrieved 2016-01-09.