A new Android virus that goes by the name GhostCtrl is on the loose, and Android users are warned to watch out for this malware as it can secretly record your messages, chats, and files.What is more frightening is that this malicious software, which has the ability to disguise itself as some of the most popular apps such as Pokemon Go and WhatsApp, is spreading really fast. Chances are your device might be infected too!
When smartphones were first introduced, the prospect of a virus attack on these devices was never in the picture. However, it has become a reality now.
The number of Android users is continuously on the rise and unfortunately, many of them are becoming targets of hackers, who unleash all sorts of nasty malware on their smartphones. The fact that new types of viruses keep on breaking loose is indicative that there is a huge network of hackers all over the world who are dedicated to creating havoc and destruction.
Right now, there are three versions of this virus, and GhostCtrl happens to be the third iteration.Warnings of this virus were first raised by the London based firm Trend Micro. Android users download the virus, which is disguised as popular apps, thinking it’s the real deal. Once the virus gains entry into your device, it executes a serious of malicious attacks and puts your android’s security at risk. It takes over the control of your smartphones and from there on, everything goes haywire.
How the GhostCtrlvirus spreads?
As mentioned above, the GhostCtrl Virus masks itself as popular apps such as Pokemon Go or WhatsApp. An android user who wishes to install these apps may unknowingly download the virus infected APK file.
While trying to install the app, the usual install prompt will be displayed. If, however, the user chooses to cancel the installation, the install prompt will reappear again. This prompt will keep on appearing until the user gets frustrated and finally decides to accept the install.
Once he/she accepts the install procedure, the virus enters the system using backdoors. Soon it opens a communication channel to the command and control server used by the hacker to send commands to the virus infected devices.
So, if your smartphone has GhostCtrl installed on it, it will start receiving commands from the hackers through the command and control server. Since the viruses connect to a domain instead of a direct IP address, it is practically not possible to detect it easily.
Capabilities of the GhostCtrl Virus
The GhostCtrl Virus comes with an extensive range of scary features. It is one of the most powerful malware ever to be used on Android devices, and has the following capabilities:
- Records audio and video from infected Android devices and sends these recording to the command and control server of the hackers
- Monitors the real-time data available in the phone sensors
- Gains total control over your calls and text messages
- Displays the file information in the current directory and then uploads it to the command and control server
- Has full control of the Wi-Fi and Bluetooth services
- Deletes important files
- Installs and opens new apps, which could also be infected with viruses
- Uploads and downloads files from the command and control server
- Sends customized SMS or MMS to a number specified by the hacker
- Calls a hacker specified number
- Locks your Android device’s screen, resets its password and asks ransom from the users
- Changes the user interface modes
- Downloads multimedia and files from sources specified by the hacker
- Manipulates important files, including changing the names, deleting user files, renaming the data, and removing system files
- Manipulates of user and system settings
- Hijacks browser, which includes browsing history, stealing cookies and browsing stored password, form data, and account credentials
How to stop the GhostCtrl Virus from attacking your Android device?
As they say, prevention is better than cure. Although the prospects of the Android virus are really scary, taking a few simple precautions can help prevent the attack on your device. As explained before, the GhostCtrl virus manages to enter your Android device when you download an infected APK file from an unreliable source. Many people download APKs from third-party APK sites directly on to their Android devices or to a PC which is then transferred to the smartphone with the help of Android USB Drivers.
You never know if the files from these websites are infected with the virus or not. So, to be on the safer side, it is better to avoid downloading apps from untrustworthy sources. Installing a good antivirus would prevent the virus from infecting your device.
Also, an effective firewall solution will stop communication between the virus and the command and control server. This should give you ample time to protect your data and fix the issue. The next time you visit a third-party website to download an app, think about the GhostCtrl virus and how it can jeopardize your android device. So, guys, be careful, be safe!