The Obad Trojan assures its secret presence and persistence on infected devices by extending Device Administrator privileges to the app without making it pop up on the list of applications that have such privileges and by not having an interface.
Trend Micro's new Hidden Device Admin Detector app allows users to find and easily disable apps that have device administrator privileges but are hidden from Android Device Administrator list.
Once the privileges are disabled, the malicious app can be uninstalled by the user in the usual way, or via security solutions.
Since it's unknown when Google will get around to patching the flaw that allows this stealthy behavior, it may be a good idea to download the app and run it occasionally to check whether this or a similar app has found a way onto your device.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.