FirmEye, a Security and cyber-attack firm tracked down a new mobile malware that is threat in more than 20 countries worldwide.
Kemoge, an Android-affecting malware which you can install via ads, poses a security threat. The apps are duplicates of software that can be found on the Google Play Store; the key difference is that they attack the user's device after installation.
On its blog, FireEye says, "The attacker uploads the apps to third-party app stores and promotes the download links via websites and in-app ads. Some aggressive ad networks gaining root privilege can also automatically install the samples. On the initial launch, Kemoge collects device information and uploads it to the ad server, then it pervasively serves ads from the background. Victims see ad banners periodically regardless of the current activity (ads even pop up when the user stays on the Android home screen)."
Your data such as the phone's IMEI, IMSI, and storage information are then remotely sent to a third-party server.
FireEye said that “Kemoge has self-preservation features, and can uninstall other software including anti-virus applications. Google has been notified of the threat, and everyone else is advised not to download dodgy looking things from third-party websites.”
FireEye suggest Android users not to click on the suspicious links from emails/SMS/websites/advertisements, don’t install apps outside the official app store, Keep Android devices updated to avoid being rooted by public known bugs.