Based on Linux, Android is compared to iOS Mobile and Windows 10. Microsoft and Apple each of operating systems, which is based on open source. Exactly, for this reason, users of Android can easily ‘root’ their devices, get privileges as an administrator on the operating system and thus control even how the software controls power to the processor, RAM or GPU.
Beware Android users, “GODLESS” Malware affected 90% of Android devices
However, rooting Android is also exploited by hackers and recently discovered a malware that is used against the user which usually targets devices running Android Lollipop or earlier. Recently Trend Micro security labs find out a family of mobile Malware which is known as “Godless” detected as (ANDROIDOS_GODLESS.HRX)
According to Trend micro labs, almost 90% of Android devices run on affected versions, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide.
According to Trend Micro Labs, Godless uses a framework called “android-rooting-tools” to gain the root access to Android-based devices “Godless is reminiscent of an exploit kit, in that it uses an open-source rooting framework called android-rooting-tools. The said framework has various exploits in its arsenal that can be used to root various Android-based devices. The two most prominent vulnerabilities targeted by this kit are CVE-2015-3636 (used by the PingPongRoot exploit) and CVE-2014-3153 (used by the Towelroot exploit). The remaining exploits are deprecated and relatively unknown even in the security community.”
Apart from this, Godless malware can receive remote instructions that let apps to automatically download and silently install on Android devices which in results users are affected with unwanted spam apps that contain ads. This can even use to install backdoors and spy on the users.
Trend Micro recommends downloading apps from trusted stores such as Google Play and Amazon. Users must have secure mobile security that can mitigate mobile malware.