In a blog post written on Fireeye blog the researchers said that, ” The attacker uploads the apps to third-party app stores and promotes the download links via websites and in-app ads. Some aggressive ad networks gaining root privilege can also automatically install the samples. On the initial launch, Kemoge collects device information and uploads it to the ad server, then it pervasively serves ads from the background. Victims see ad banners periodically regardless of the current activity (ads even pop up when the user stays on the Android home screen).”
How can a Android user secure himself from Kemoge?
- Don’t click on links from Advertisement, Emails, SMS or Websites. Kemoge can enter your device from these platforms.
- Try not to install third-party apps, only trust on apps from Android’s App Store.
- Always keep you device up to date. Upgrading to the latest version of OS will provide some security, but it does not guarantee that you will remain protected.