VERY IMPORTANT

Halloween is still a month from now and yet Android users are already being haunted by the previously reported “Ghost Push” malware, which roots devices and makes them download unwanted ads and apps. The malware is usually packaged with apps that users may download from third-party app stores. Further investigation of GhostPush revealed more recent variants, which, unlike older ones, employ the following routines that make them harder to remove and detect: encrypt its APK and shell code, run a malicious DEX file without notification, add a “guard code” to monitor its own processes, rename .APK (Android application package) files used to install the malicious apps, and launch the new activity as the payload.