Ghost Push – Monkey Test & Time Service

By - Mir Zahoor - Forum Founder,


Ghost Push is a family of malware that infects the Android OS by automatically gaining system-level access to your mobile phone. With this privilege, it’s able to root your device without your consent, and download malicious apps like MonkeyTest and TimeService which slow down your phone, drain your battery and consume a great deal of network traffic. What’s super dangerous about these viruses is that they’re incredibly hard to get rid of – even if you uninstall them, they will reappear when you restart your phone even by factory reset unless the firmware is reflashed.

Devices infected with ghost push
PIC1 (Devices infected with Ghost Push)

Since Ghost Push has been annoying millions of Android users, you must be wondering how it works and what you can do to get rid of it. Ghost Push gets root privileges on your device and uses your network data to push advertisements to you. It can also automatically download useless applications without your knowledge. Hackers have injected malicious code into popular applications and distributed these new files disguised as the original apps. Once users install these seemingly normal applications, the malicious code starts doing evil.

How Ghost Push works
PIC 2 (How Ghost Push works)

It was discovered in September 18, 2015 by Cheetah Mobile’s CM Security Research Lab. After earning full control over a device, the Chinese hackers running the operation would push app installations without the user’s consent… and they weren’t free apps. Cheetah Mobile estimates that Ghost Push made this criminal ring about $4.05 million per day. There’s not much to worry about now, as all of these malicious apps were quickly taken down from the Google Play Store, but some of you may have already been affected. As we mentioned above, this is a very nasty virus that sticks to your phones internals. Most anti-virus software won’t even work, but Cheetah Mobile has created a specialized tool to kill Ghost Push.


Please enter your comment!
Please enter your name here