“The malware is distributed, at the moment, through non-official app markets. Users should disable installation from untrusted or unknown sources and USB debugging in the devices settings as this will stop the handset becoming infected, even if they accidentally tap on GhostCtrl.apk file.”
Security Expert Comment: GhostCtrl Android Malware That Steals Private Data
- Case Studies
- Posted On
Reports have emerged of an advanced Android information-stealing malware, Dubbed GhostCtrl, that allows attackers to open a backdoor to monitor data, steal information, record audio and video, and even infect the phone with ransomware.
Security expert Leigh-Anne Galloway, Cyber Security Resilience Lead of Positive Technologies has offered the following attributable comments“The consequences of infection from GhostCtrl can be very dangerous. The malware can be used not only to spy on victims but as a platform to perform many different malicious actions. Although technical details aren’t widely known at this stage, what we can assume is that GhostCtrl can act without root or any system-level permissions to collect all private data from infected device“With device admin permissions and all the accessibility services used, this malware can steal almost any data (contact lists, SMS, credit card information, etc), lock the phone (and demand a ransom to unlock it), or use the infected devices to build a botnet that can subsequently be used to launch DDoS attac“The main difference between GhostCtrl and previous Android malware is that this one is particularly sneaky. It doesn’t lock your phone (for now), doesn’t show ads, but it leaves an opportunity for hackers to do that later. It depends on how GhostCtrl authors plan to monetize their malware campaign. Another grave concern is that malware can protect itself to prevent its removal.