The Godless malware has mainly hit India and other parts of southeast Asia, Trend Micro says Android users beware: a new type of malware has been found in legitimate-looking apps that can “root” your phone and secretly install unwanted programs. The malware, dubbed Godless, has been found lurking on app stores including Google Play, and it targets devices running Android 5.1 (Lollipop) and earlier, which accounts for more than 90 percent of Android devices, Trend Micro said Tuesday in a blog post. Godless hides inside an app and uses exploits to try to root the OS on your phone. This basically creates admin access to a device, allowing unauthorized apps to be installed. Godless contains various exploits to ensure it can root a device, and it can even install spyware, Trend Micro said. A newer variant can also bypass security checks at app stores like Google Play. Once the malware has finished its rooting, it can be tricky to uninstall, the security firm said. Trend Micro said it found various apps in Google Play that contain the malicious code. “The malicious apps we’ve seen that have this new remote routine range from utility apps like flashlights and Wi-Fi apps, to copies of popular game,” the company said. Some apps are clean but have a corresponding malicious version that shares the same developer certificate. The danger there is that users install the clean app but are then upgraded to the malicious version without them knowing. So far, Trend says it has seen 850,000 affected devices, with almost half in India and more in other southeast Asian countries. Less than 2 percent were in the U.S. “When downloading apps, regardless if it’s a utility tool or a popular game, users should always review the developer. Unknown developers with very little or no background information may be the source of these malicious apps,” Trend said. It’s also best to download apps from trusted stores such as Google Play and Amazon, it says. And of course, Trend recommends you buy some mobile security software. Related content news F5 looks to squelch 'ball of fire' that is application security Updates include security scanning and penetration testing capabilities for web applications, as well as a new container-based web application firewall. By Michael Cooney May 01, 2024 4 mins Firewalls Network Security Networking news Arista targets lateral security threat in campus and data center networks Arista Macro-Segmentation Service sets up microperimeters for enterprise resource protection. By Michael Cooney May 01, 2024 3 mins Remote Access Security Network Security Networking brandpost Sponsored by Zscaler Breaches galore - why a proven platform for Zero Trust is needed Organizations need a proven platform for zero trust. But before we dive into why that is the case, we must first answer two important questions. By Zscaler Apr 30, 2024 8 mins Network Security brandpost Sponsored by Zscaler 4 reasons firewalls and VPNs are exposing organizations to breaches Yesterday’s solutions are today’s problems. By Zscaler Apr 30, 2024 11 mins Network Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe