Autorooting Malware Gives Hackers the Green Light into Your Device

It wasn’t that long ago when discovering new products, restaurants and everything in between came down to asking our circle of friends. Reviews and ratings were the stamp of approval to which our friends held the key. In 2016, we ask the internet, and now strangers tell us what they like (or don’t), and why we should too. Before downloading an app or finding a new hairdresser, we ask people we may know nothing about other than their username what they think.

Where am I going with this? Malware. Autorooting malware is a growing threat that cybercriminals launch on mobile devices in order to install unwanted apps. This exploit is used to drive revenue and boost ratings. If ratings are high for an app, other users are more likely to trust and download it. Rooting a device allows cybercriminals to perform operations that would otherwise require your permission. Autorooting can be a major threat — once a criminal has taken over your mobile device, they can open the door to all of their dangerous friends. It’s a shady app party, and your device is getting destroyed.

The latest bad guy to get caught is LevelDropper, a malicious app available in the Google Play Store that appeared to transform your phone into a level, in order to replace the physical one in your toolbox. Handy! Everyone who has ever struggled to hang up a picture — rejoice! Sadly, LevelDropper is just the next offender in the mobile threat world. Once downloaded, the app autoroots the device and quickly installs new apps, without user permission. As we’ve told you before, it’s important to always be picky when downloading apps. If you notice new apps that pop up right after downloading one from an app store, your device could have fallen victim to an autorooting malware attack.

LevelDropper isn’t the only app using autorooting to their benefit and your detriment — the trend is exploding. Malicious programs are offered in even the most trusted app stores, and the only way to stay clear is to use extreme caution.

Cybercriminals are always looking for new ways to trick you into downloading their apps, but there are ways to keep them at bay:

  • Always be cautious when downloading apps on your mobile device. Read the privacy policy, check out user reviews, and be sure you’re OK with providing access to everything it’s requesting.
  • Install comprehensive security. McAfee® Mobile Security is free for Android and iOS, and can help to protect your Android mobile device from not only autorooting malware (like LevelDropper), but all malware. We don’t discriminate, and will alert you if we sense an app to be malicious, all before you download.
  • So many new apps, so little time. A key to keeping your device healthy is only downloading apps that have a good reputation. The internet isn’t just a handy place to find your new favorite restaurant, it’s also a great place to do some digging. Search the app’s name and see the buzz.

If you do fall victim to autorooting malware, we recommend performing a factory reset of your mobile device. Cybercrimes are always evolving, and we will never stop having your back. Check back here to always stay in the know.

To keep up with the latest security threats, be sure to follow @IntelSec_Home on Twitter and like us on Facebook.

lianne-caetano