Google Android has been a primary concern of the attackers. Counting from a simple text message that could hack an Android phone remotely to the Stagefright bug making Billion users vulnerable.

Now, the latest is the 'Kemoge Malware' that has made its debut as an Adware on the Android mobile phones, allowing third-party app stores to fetch your device's information and take full control of it.

Security researchers from FireEye Labs have discovered that Kemoge malicious adware family is spreading in 20 countries around the globe. Also, the origin of the Adware's attack is suspected from China.

What is Kemoge?

The name given to the malicious Adware family is because of its command and control (C2) domain: aps.kemoge.net.
Kemoge is an Adware in the disguise of popular Apps; it has circulated in such numbers because it takes the name of popular apps and repackages them with the malicious code and make them available to the user.

They even use the same developer name, as used by the verified and clean apps on the official Play Store.
Some of the popular apps getting affected areImage)

-Talking Tom 3
-Calculator
-Shareit
-Assistive Touch
-WiFi Enhancer

The attacker sets up a genuine looking interface and uploads the apps to third-party app stores and plays smart by promoting the download links via websites and in-app advertisements.

Some aggressive ad networks gaining root privilege can also automatically install the samples.

Once activated on the device, Kemoge collects device information and uploads it to the ad server, then it slyly serves ads from the background.
Victims get ad banners frequently regardless of the current activity as ads even pop-up when the user remains on the Android home screen.


How to Protect Against Kemoge?

Kemoge is a dangerous threat and to stay safe you are advised to:

-Never click on any suspicious links from emails, SMS, websites, or advertisements.

-Never install apps outside of the official App Store.

-Keep your Android devices up-to-date in order to avoid being rooted by public known vulnerabilities (Upgrading device to the latest version of OS provides some security but doesn't always guarantee protection).

-Uninstall the app showing Ads.