back to article More than half of Androids susceptible to ancient malware

One of the world's most prolific Android malware instances is still the most prevalent piece of malware more than two years after it first emerged. The capable trojan known as Ghost Push infects Android up to version five, aka Lollipop, still employed by about 57 per cent of all users. Ghost Push won't run on Android version …

  1. Nate Amsden


    Just stay away from dodegy 3rd party apps and app stores.(or, if you must use them use them on a device you don't care about)

    Get your porn on your computer and copy to phone if you need it mobile.

    Outside of say china I've yet to read about any mass outbreaks of malware on android (nothing compared to the likes of windows or wordpress etc)

    I'd love to have an up to date(security) phone but unfortunately most times that would mean a newer OS when I'd rather just have a patch to fix the issue. Last I saw on el reg google was still releasing patches for 4.4.x.

    But of course ATT would rather me buy a new phone when I like my note 3 a lot (more than note 4 5 and 7, though 7 sounds like a collector's item now)

    1. Nate Amsden

      Re: or

      I like my note 3 so much that I'd buy a new one today if it meant revived support with android 4.4.x of course.

      1. Wade Burchette

        Re: or

        Have you seen if Cyanogenmod has an update to your Note 3. I love my Galaxy Note 10.1 2014 edition tablet. The only way I was able to get the latest Android version through an unofficial Cyanogenmod build. It works quite well, despite a few bugs.

        1. Nate Amsden

          Re: or

          Honestly i tried rooting my android 5 note 3 once with what seemed like a high probability of success from what I read online but I failed. I got close enough to what felt like the possibility of bricking my phone I did not tey again. I think KNOX is what stopped it.

          I would like to try again though the methods sort of scare me. I mean "download this dodgey app and get root" i am just worried about what if anything else that app might be doing in the process(I say this as a Linux user for 20 years).

          I do miss the days of webos where getting root was typing a "secret" code in a window, pressing a button and perhaps rebooting to enable developer mode. Then get root access over the usb port with standard tools.

          At some point I'm sure I will try again

        2. Kingsman

          Re: or

          Which Note.1(2014) do you have? Mine runs Lollipop 5.1.1 flawlessly. I just love it. There are still some problems with the Marshmallow Rom for those who are able to use it. Have you checked XDA lately to see if there is an updated version available. I'm going there now to check for my own tablet, but am not willing to sacrifice any of the superb capabilities of my tablet.



  2. adfh

    So the source article mentions "MXPlayer Pro"

    ... is it saying that this application is:

    * Bad in all cases?

    * Susceptible to dodgy ad injection?

    * Legitimate but being distributed in third party stores/APK form with malware added

    1. VinceH
      Paris Hilton

      Re: So the source article mentions "MXPlayer Pro"

      The third option - I think - but it's easy to be confused by an article which seems to say most Ghost Push "infections come from malware-laced installations" then goes on to say that "Ghost Push spreads through pornographic websites and deceptive advertising".

      Perhaps it's both, or the deceptive advertising is for malware-laced installations of otherwise legit packages. Or something.

      I don't have time to read the source article this morning, so I'll just stick with being slightly confused on this one.

      Paris because she could be getting a headache due to the confusion, and there's even a question mark.

      1. Anonymous Blowhard

        Deceptive Advertising

        There's another kind?

  3. Andrew Jones 2

    So..... 1) don't turn off the security that stops you installing stuff outside the Play Store and 2) "One application MXplayer is a legitimate file explorer application" no..... no it's not - it's an extremely popular video player, which immediately makes me doubt any other research that the source article claims to have undertaken.

    1. Charles 9

      MX Player ALSO has a file explorer to let you find media files on your device.

      As for custom firmware, that's no good if you run a root- or custom-aware app.

  4. MrDamage Silver badge


    Those with handsets abandoned by their phone manufacturers - typically 18 seconds after devices leave retail shelves - should consider running third party ROMs like Cyanogenmod and NamelessROM which are often updated weekly and run a purer strain of Android.

    1. kyndair

      Re: FTFY

      More like as soon as it's left development they abandon it to start the new pretty pretty. Most phones never see an update, some get a single update, very few get 18 months and you can count the companies that do more on one hand

  5. John Robson Silver badge

    But does it run on 2.3?

    Or do I care, given that I run my phone as a phone.

    HTC DesireS set up as a pure phone* as a battery life of about 10-12 days.

    I just can't even justify going out and buying a cheap 'feature phone'...

    (* No WiFi, Bluetooth or mobile data; Voice is locked to 2G, not 3 (more efficient radios). Screen brightness is lowered and the thing does it's own 'aggressive power saving' at 30%.)

  6. Tim Seventh

    or alternatively...

    get Note 7 and detonate the phone when you get the malware.

    seriously though, just change the browser to iphone agent and avoid 3rd party apps.

    1. Crazy Operations Guy

      Re: or alternatively...

      The Note 7 ships with Android 6, so would be immune anyway...

  7. mjflory

    Multiplying marshmallows

    Ten percent for Marshmallow and Nougat sounds a little low. The most prevalent number I found for last month for Marshmallow was 18.7%, with a trace on Nougat (about a tenth of a percent).

    1. Robert Helpmann??

      Re: Multiplying marshmallows

      The headline should be changed to More than half of Androids still running old, unpatched version of OS. Vendors may worry about Google undercutting them in the marketplace, but if they cannot or will not keep the OS on their phones and tablets up to date, they can piss off.

  8. Kingsman

    For those of us who don't have Marshmallow or Nougat

    My tablet is just about the greatest. However, my Samsung Galaxy Note 10.1(2014)SM-P605v is not rootable at the moment, nor are the Cyanogenmod Marshmallow alternatives available for other tablets in this series of Note tablets really viable. In the meantime, Cleanmaster or DU Speed Booster have excellent anti-viral and anti-malware capabilities. Just install, and the software will run in the background. Pay attention to notifications and do the appropriate cleaning. These work beautifully and flawlessly.

  9. RobThBay

    Don't forget about Blackberry's Android phones.

    "Users should update their handsets to the latest versions of Android as soon as new updates are released, and incline towards pure Android devices like Nexus and Pixel for the fastest application of patches."

    Don't forget about BlackBerry's Priv and DTEK series of android phones. BlackBerry releases updates as quickly and as often as Google does for their own phones.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like