Mobile Security series: new Android malware can remotely root the device
With Smartphones carrying valuable user information, each time a malware or security issue surfaces, the whole mobile OS system comes under fire. The latest malware information is Android-related: an updated version of a piece of Android malware doesn’t need user interaction for an attacker to root the device, according to a Lookout Mobile Security research.
The malware, LeNa (Legacy Native), was spotted looking like an authentic application last fall by the security research firm, requiring user interaction to unwittingly utilize the SU utility to gain access to the Android mobile handset. The App surfaced in the Android Market (now Google Play) a few times, before it was removed.
Now, a tweaked version of the malware doesn’t require any user interaction; it uses the GingerBreak exploit and gains root permission on Android devices. According to Lookout Tim Wyatt, Lookout’s principal engineer, LeNa hides its exploit in a functional JPEG file, and communicates with a command and control server to install and launch packages without the knowledge of the Android phone’s user.
The malware is hosted by alternative mobile application market places which are blocked by default on Android phones, but the same tweaked version of LeNa has been seen as a disguised version of the popular Angry Birds Space game. We don’t have any information about the malware hitting Google Play, but this scenario could easily become a reality.
Image credit GSM Arena
- New Built-In Security Feature for Android Market Unveiled (mobileusers.com)
About the Author
- android malware
- Angry Birds
- Google Play
- Mobile operating system