November 9, 2015
There are more than 20,000 new reasons to ensure that an Android app is being downloaded from the Google Play store, instead of a third-party app store.
Malicious players behind bugs with nasty names, such as ShiftyBug and GhostPush, have injected adware into tens of thousands of popular apps, repackaging them and then putting them on third-party apps stores, reported cybersecurity firm Lookout last week.
The firm, over the last year, collected 20,000 samples of apps that were affected with adware from any of three malware families called Shuanet, Kemoge or “ShiftyBug,” and Shedun or “GhostPush.” The codes from some variants of the malware families were 71 to 82 percent identical, further evidencing the familial ties between the three groups.