Tuesday, October 25, 2016

Ghost Push Malware is Still Affecting Android Devices.

Ghost Push 

Android is nice and Powerful OS, but the fact that it is open source, makes it vulnerable and easily targeted in many ways. While several users and mobile phone manufacturers are gearing up to welcome the latest Android 7.0 Nougat, It has come to light an old malware Ghost Push, which first surfaced about 2 years ago, has resurfaced again, and half Android devices, are on the risk of being  infected.

Ghost post was first known when Android 5.0 Lollipop was the latest Android OS then, but because most android phone users has upgraded to Marshmallow 6.0, and more recently 7.0 Nougat, (which are both immune to Ghost Push), 57% of android users still run on either Lollipop 5.0 or 4.0, 4.2 or 4.4 Kitkat. To this day, Android smartphone and Tablet owners who runs on Lollipop 5.0 or earlier are susceptible to Ghost Push attack and currently,  it is able to root almost all Android versions except for Android 6.0," The Cheetah Mobile team notes. The Ghost Push uses some well known and trusted apps, ad links, and short links that are reluctantly downloaded and clicked by users.

Ghost Push affected users chart

It has always been advised to download apps from a trusted site site like PlayStore, but the fact that the malware has infiltrated Google Play Store makes matters worse and makes me wonder even PlayStore itself is still safe for Android user to get apps from, both paid and free apps. Even the some trusted apps like "Privacy Lock" and "Easy Locker," and some harmless ones such as "Talking Tom 3" and "Calculator," fell victim to the ghost Push, when bogus versions of these apps duped unwitting users.

What Happens once a User Gets Affected by Ghost Push
Once an Android smartphone gets hit by Ghost Push, it will automatically root the device,take full control of an the Android device,  inputs encrypted core codes into the system directory in order to disguise the malware as built-in apps of the phone, and all this can be done without the knowledge of the phone user(s). Also, Ghost Push can/will:

Android Malware
• Display deceptive or pornographic pages to users, trick users to pay money or download new malicious samples

• Display ads or promote webpages/apps.

• Lead users to pornographic pages.

• Push ads in the status bar

How to Fix GhostPush
  • In some/most cases, deploying a powerful malware scanner might scan and remove these malicious codes from your device. 
  • Performing a clean factory reset/wipe will also wipe or remove the malware, but this will make you loose some documents in your phone.

  • Finally, prevention they say is better than cure, you can't be worrying about how to fix a Ghost Push infected device if you don't have it. Always get your apps from trusted sites/developers and avoid Pornographic/ pretty much every other untrusted sites.

If You Enjoyed this Post, Kindly take 5 Seconds and Share it With Your Friends on

No comments:

Post a Comment

***We ❤ to hear from you, Tell us Your views and opinion. Please note that comments are always moderated, Abusive comments won't be approved, and spammy comments are deleted automatically