Tuesday, September 26, 2017
Home / Malware / Researchers reveal new Android rootkit using exploits to spread

Researchers reveal new Android rootkit using exploits to spread

A research team at North Carolina State University led by Professor Xuxian Jiang recently announced that a security flaw in Android Version 4.0.4 and below could exploited by a rootkit with relative ease, according to an official university research blog post.

Like most Android malware, the rootkit can be distributed as a malicious app, opening up a host of potential vulnerabilities on any device on which it is installed. However, it functions in a different way.

Instead of directly attacking the operating system kernel, blog author Matt Shipman wrote, the rootkit approach targets a flaw in the Android framework — creating a host of possibilities for a hacker.

“This would be a more sophisticated type of attack than we’ve seen before, specifically tailored to smartphone platforms,” said Jiang. “The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it.”

A YouTube demonstration highlights the simplicity of the rootkit — the user was able to hijack a standard Nexus S with ease, reprogramming the browser icon to launch Angry Birds instead. Apps can be hidden on the device but remain installed and functional, which could enable a hacker to conceal malicious software from unsuspecting users.

Source: http://www.networkworld.com/news/2012/070212-android-malware-260627.html

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …