One of the world’s most prolific Android malware instances is still the most prevalent piece of malware more than two years after it first emerged.
The capable trojan known as Ghost Push infects Android up to version five, aka Lollipop, still employed by about 57 per cent of all users.
Ghost Push won’t run on Android version six, Marshmallow, and the recently released version seven Nougat which together account for about 10 per cent of Android devices.
Cheetah Mobile researchers say most infections come from malware-laced installations of pirate and open source apps offered outside of the Google Play store.
One application MXplayer is a legitimate file explorer application hosted on the Android XDA forums popular for its lack of spam ads and features common in equivalent Google Play apps.
The researchers say Ghost Push spreads through pornographic websites and deceptive advertising.
Users should update their handsets to the latest versions of Android as soon as new updates are released, and incline towards pure Android devices like Nexus and Pixel for the fastest application of patches.
Submitted by: Arnfried Walbrecht