Beware Android users! “Godless” named Malware can Root your device Anonymously!

If you are using Android Lollipop or its earlier version, then your device is at risk. A new type Android Malware has been discovered by the security researchers of “Trendmicro”. The name of the malware is “Godless” and it is capable to root your device automatically. It could install third party malicious coded programs in your device to perform that operations, which could be harmful for your device and your personal information.

“More than 8,50,000 Devices have been affected by this Malware and half of these affected devices are from INDIA. All the other Asian Countries are at number two and USA contains only 2 Percent affected devices”, according to the stats of TrendMicro.

How ‘Godless Malware’ is doing its work?

When security researchers of Trendmicro were doing work on it, they discovered that this malware is using an “android-rooting-tools” named framework to target devices. Through this framework, malware can get privileges of developer by rooting your device. Once it got the access, it will install third party hard coded malicious programs in the file system of your Android Devices to keep eye on your device. This malware will collect the information from your device and will send it to the hackers through command and control (C&C) servers. This malware can send stolen information to its authors through these servers, because bypassing the security check of app stores such as “Google Play Store” is an easy task for it. This malware is exploiting two main vulnerabilities of Android Lollipop and Its earlier version. Following are the vulnerabilities:

CVE-2015-3636 (used by the PingPongRoot Exploit)

CVE-2014-3153 (used by the Towelroot Exploit)

From here you can get an idea, how harmful Godless malware could be for your devices. This malware can automatically install malicious applications in your device from third party app store. Hackers are using this malware for various purposes such as, for spreading malicious advertisement links and for installing backdoors and spywares in device. By installing backdoors and spyware, authors of this malware can steal your personal data (Credit Card Information, Personal Photos, Videos, Chat History, and Documents etc.) which you have stored in your devices.

How users are getting affected from this Malware?

According to the stats of Trendmicro, more than 850000 Android devices have been affected by this Malware. A number of applications are available on app stores which contains this malware. Google Play Store is also included in the list of play stores. “Flashlight, Wifi Apps and Some Gaming Apps” contains this malware. Some clean apps are also using the same certificates which have been used by these malicious applications. This malware comes automatically in your device through the above apps.

Tips for Android Users