Stay Away From This Android App

A new malware was discovered by an IT security researchers this new malware is essentially an Android app masked as a system cleaner app named Ks Cleaner. Once this Android app is installed on a user's smartphone, they keep seeing unnecessary ads on their home screen.


Stay Away From This Android App


The tech giant Google’s mobile platform, of course, Android is the most widely used operating system worldwide, and perhaps for that reason the most exploited in computing security.

Previously we have seen Judy Malware infecting devices to generate large volumes of fraudulent clicks on ads, converting into revenue for their creators.

Ks Cleaner forces users to download a security update. Once the update was installed, the malware can’t be removed from the system. Web security firm, Zscaler stated that this Android App downloads itself from ads that are contaminated with malware.

Once the KS Cleaner installed on the system, users are displayed with a flash message which says that the phone has a security loophole which puts user’s account and other data at risk. The only option users have “Ok” button.

Android App


Once user taps on the “Ok” button it automatically downloads another APK file which is known as “Update”. Once installed on victim’s system, it can’t be removed due to the APK registering itself as an Android Receiver.

If an APK register itself as Android receiver it gains administrative right which makes it impossible to remove from the phone. If a user tries to delete it manually, it will register event “DEVICE_ADMIN_DISABLED” triggers the malware which causes the phone to freeze.

Shivang Desai of Zscaler on a blog post stated “Once the app gains admin rights, it becomes impossible to remove it from the device. The traditional ‘Uninstall’ option, by default, becomes disabled, because a user cannot remove apps with admin rights. Usually, one can uninstall such apps by first removing admin privileges via settings, but this app uses an unconventional method — registering as an Android receiver — to preserve its admin privileges.”

Once the APK installed on the smartphone, users keep seeing unnecessary ads on their home screen. The APK file “Update” can even manage the bookmarks, settings and can even download apps without permissions.

The best thing to dodge this malware is to avoid clicking the suspicious links. Disable the “Unknown Sources” Download option from Settings. Staying away from unknown forums will help a lot since the most malware instances have been found on online forums.

So, what do you think about this? Share your views in the comment box below.

About Emmanuel

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

0 Comments:

Post a Comment

Your comment and facebook share will be appreciated