Security researchers helped launch 19 Google Play Store apps that installed rare rooting malware to take control of the smartphone. Discovered by Lookout cybersecurity researchers, malware dubbed AbstractEmu rooted an infected Android device to perform various malicious activities, including monitoring notifications, capturing screenshots, recording the screen, and even resetting the device's password or blocking it entirely. "By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant itself dangerous permissions or install additional malware, steps that would normally require user interaction," the researchers observe. Infected apps disguised themselves as utility apps, such as password managers, data savers, app launchers, etc., and were fully functional. Of the 19 apps removed, the researchers say seven had rooting capabilities and one had more than 10,000 downloads.