Google is facing a potentially huge issue with Android malware, after mobile security firm Lookout discovered a new bug it claims is virtually impossible to remove from infected devices.
The bug appears to arrive on Android smartphones and tablets via third-party app stores, rather than Google Play, which Lookout says has not been hit at this time.
These apps look just like the ones you’d download from Google’s official emporium, but come with code that can root deep into your Android kit.
Although the researchers say that the bug is essentially a piece of adware, which automatically generates ads, the fact that it can gain so–called ‘system application’ status is a huge worry.
System application status means affected apps will be able to harvest password data from other add–ons, something which is strictly forbidden for regular apps.
Because the malicious code essentially roots an Android device, digging deep into its systems, erasing it is virtually impossible.
Lookout says that a factory reset will not work and that affected users will either need to get their handsets flashed at their local mobile shop or even get a new phone.
Worryingly, it appears hackers have targeted apps from the likes of Facebook and Twitter, before offering them in unofficial app stores.
The hack appears to have targeted US and German users, but UK Android owners should remain vigilant.
With that in mind, Lookout recommends that Android owners only download apps from Google Play.