Android Rootkit Malware

Rootkits are software designed to hide deep within the operating system and conceal their presence and activity. Malware authors often use them to carry out malicious activity unnoticed. Rootkits for both Windows and Unix/Linux systems have existed for a long time. They are often hard to detect once they have taken control of the system.

Earlier this year, two scientists from Rutgers University discussed the possibility of smartphone rootkits, and demonstrated how rootkits could be used to take control of smartphones. More info here.

A malicious attacker could use such a rootkit to track the device location, eavesdrop on a meeting, or rapidly drain its battery. However, this requires the smartphone to allow changes to its low-level software. Apple’s iPhone locks down this type of access, so this attack would only be possible on a jailbroken iPhone. The only ways the bad guys can get such a malicious rootkit onto a smartphone would be to gain physical access to the device, exploit an unpatched security vulnerability, or use social engineering tactics to trick a user into installing malicious code. For Android-based smartphones, the attackers have to get around Google’s application vetting process or target Android phones where the user has given permission for non-Market applications from unknown sources to be installed.

More info on this topic can be found in this paper “Rootkits on Smart Phones: Attacks, implications and opportunities” here.

According to media reports, security researchers are planning to demonstrate a malicious rootkit for Google’s Android operating system that is capable of tracking the location of the device, reading the user’s private SMS messages, and redirecting calls to bogus numbers.

We recommend STOPzilla Mobile Security to help you remove this infection. Please click here to download. If you have any additional questions please feel free to call 1-855-969-0790.
