Godless – the malware that affects 90% of Android terminals

Godless is malware for the Android platform that is capable of infecting 90% of currently active smartphones worldwide.

Godless ("without God") is malware released some time ago for the Android platform. Computer security researchers have now discovered an updated version that is capable of attacking Android terminals running version 5.1 or older, so approximately 90% of the entire base.

Godless is similar to a jailbreak solution because it uses multiple exploits to infect the target terminals. The hackers use an open source framework called android-rooting-tools, which allows very fast exploitation of the terminals once the malware is installed.

At the moment Godless has infected approximately 850,000 Android terminals around the world. It is present in multiple application stores, including Google Play, so users could be infected without knowing it even if they install applications directly from the Google store.

After gaining administrator access to the Android system, this malware can install other applications by itself without the user knowing. Its hackers have thought it through so well that it can even spy on infected people, without them knowing at any moment that this is happening.

Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide.

The old versions of Godless were designed so cleverly that the malware starts obtaining root access to the Android terminal not immediately after the application is installed, but only after the screen has been locked and the terminal is not in use, so the user does not notice the problem. The malware then installs an encrypted file called _image that cannot be deleted very easily.

Now, the malware downloads this file from the hackers' server. This method prevents Google Play, for example, from identifying the malware in an app already in the store, so Google has to search for the apps manually and check which ones download and install the file that infects the terminals.

We found various apps in Google Play that contain this malicious code. The malicious apps we've seen that have this new remote routine range from utility apps like flashlights and Wi-Fi apps, to copies of popular games. For example, a malicious flashlight app in Google Play called "Summer Flashlight" contained the malicious Godless code.

According to Trend Micro, the infected applications have different functions, ranging from apps for connecting to Wi-Fi networks and flashlight-type applications to clones of some popular games. Google managed to delete some of them before many users were affected by Godless.

Everyone knows that Android has big security problems, and malware like Godless can appear anywhere and anytime. Even if Google now deletes the infected apps from the store, the fact that they appeared there in the first place is new proof that the system is not well designed.