It is pretty clear now that being an Android user is more of being a survivor considering the weak security that Google guarantees for its users. Well, threats on Android devices keep being discovered almost weekly as there’s now a new malware making rounds and users are being warned.
Android currently runs on over two billion devices globally and has been subject to very high-end threats, one being the Judy malware that saw over 36.5 million devices infected. It is not so long ago that researchers found malicious anti-virus apps on Play Store and which already had thousands of instals. It is also safe to note that most if not all threats have been sourced from apps accessed directly from Google Play Store.
If we really started going through the history in terms of security threats that Android has faced, we would have to take a seat and some tea. Now, Android users have to be cautious about a new malware in the Store that researchers have discovered as a hazardous strain from almost 25 apps. The threat, dubbed “Exodus” is allegedly able to root devices and also brags of complex spying features. The malware is capable of gathering phone numbers and sending them to external servers but more than that, it could severely affect a device after rooting it.
From the phones infected, Exodus also extracts contact details, chat logs, passwords and also creates local audio and video recordings. The malware is said to have used an exploit called “DirtyCOW”, which for those who can remember, was patched by Google in 2016. This may be some good news for anyone with phones that had their systems updated since then as they are protected from this. But going by how poorly Android OEMs update their devices, a good number of people out there are still vulnerable to such exploits.
An investigation by Security Without Borders and Motherboards revealed the existence of this risk. Other than that, it has also been discovered that iOS devices have had a taste of Exodus as it has made its way to the system. This is quite surprising but it was all made possible by phishing sites that it used to circulate.
On iOS, Exodus abused Apple Developer Enterprise Programme, which saw it spread through the system undetected. Things are better for iOS users however since it did not work itself to the App Store that is accessed more frequently. Apple is aware of the threat and addressed that as long as the user’s system is updated, there is no cause for alarm. On the other side, Google has also eliminated 25 apps from Play Store that were found to have the malware on them.