“Godless” is a malware that can root your Android phone without your knowledge

There’s a new breed of malware doing the rounds that can root your Android smartphone, among a number of other nasty things, without you even knowing it.

Called “Godless”, the dangers of this malware were highlighted by TrendLabs, the research arm of digital security agency Trend Micro. Godless is a piece of malware contained in some Android apps that possesses a host of rooting exploits that it can use to wreak havoc on any device running Android Lollipop 5.1 and earlier.

According to TrendLabs, Godless is present in certain apps available even on prominent app store like Google Play, and has so far affected over 850,000 devices worldwide. In addition, nearly half of that number, 46.19 percent to be exact, are devices in India, with Indonesia coming in second, holding only about 10 percent of the affected devices.

Godless uses an open-source rooting framework called android-rooting-tools, which can be used to unlock various Android devices. Once a malicious app with the malware is downloaded onto the device, Godless waits until the phone’s screen is turned off before proceeding with the rooting routine. Once that’s done, it implements a different standalone Google Play client.

The reason for this is that Godless can then fraudulently, and without your knowledge, upvote the apps that contain the malare to boost their rating. In addition, it can also remotely instruct the device to download additional apps, which may contain unwanted ads as well. That, however, is the least of those worries. More importantly, once the phone is rooted, Godless can also install backdoors to spy on the user.

TrendLabs has identified a number malicious apps on Google Play that contain the malware, including utility apps, and copies of popular games. One mentioned in particular is called “Summer Flashlight.”

But what if you only download apps from developers you trust? Well, if you download or update your apps outside the Play Store, you could still be in trouble.

Godless is present in a number of apps in the wild that are made to look exactly like popular games and the like, right down to the developer certification. So if you’ve attempted to get an update ahead of your friends, by downloading a patch from outside Google Play, you could be instead downloading a fake that then infects your device with Godless.

The best way to avoid this kind of security issues is caution. Preferably, stick to downloading apps of certified platforms like GOogle Play and Amazon, and be sure to research a developer that you haven’t heard of before. In addition, if you’re proficient enough to root your own Android, stay away from suspicious websites that offer app updates or downloads. Even among the modding community, there are a few trusted sourcees to get your apps, if you know where to look.

Posted by on June 28, 2016. Filed under Technology. You can follow any responses to this entry through the RSS 2.0. Both comments and pings are currently closed.