Check Point researchers believe the malware can then mutate according to whatever its C&C overlords command. They expect the malware to become part of a larger botnet that could distribute other apps and change the victim’s UI.
RottenSys is part of a modern trend in malware: rather than taking money directly from your pocket, as ransomware does, it forces you to watch irritating ads and then bills the advertisers for the effort. Nobody is saying whether these ads are really “high value”.
At its core, RottenSys is a supply chain vulnerability in the software industry. It is like your car, with multiple factories making foam padding, fabrics, steel frames, another factory putting this together into a seat and shipping it off to the final assembly plant where it arrives about 45 minutes before being bolted into place. Automakers watch this entire supply chain extremely closely — and RottenSys is a sign that the IT industry needs to do so as well.
There is a silver lining, though. Because of the prerequisites the malware needs in order to end up on a phone, most of the infected phones are in China, so if you did not buy your device there you should be safe. To be really sure, though, you can do the following:
Go to your Android system settings and from there into the App Manager. Then look for the following possible malware package names:
If any of the above is in the list of your installed apps, simply uninstall it and you should be fine.