New Android Malware Can Remotely Root Phones Without Permission

0

Tim Wyatt, principal engineer and mobile security specialists Lookout, have uncovered new malware targetting the Android operating system, which can enable hackers to take remote control of users’ devices and install unapproved software on their phones without their consent.  

The new version of “Legacy Native” (LeNa) app uses the GingerBreak exploit to gain root permissions on Android phones. LeNa, according to Lookout principal engineer Tim Wyatt, hides its exploit in a functional JPEG file. LeNa gained popularity in Chinese markets as well, it also surfaced in the Android Market (Google Play) a few times.

It’s been discovered in Angry Birds Space. “Among the apps in which this payload appears, however, is a fully functional copy of the recently released Angry Birds Space,” reports Lookout’s Tim Wyatt. “The authors are undoubtedly hoping to capitalize on the latest release from this popular franchise to increase uptake on distribution.

In March, another Trojan appeared pretending to be legitimate Chinese game, The Roar of the Pharaoh. The rise in Android malware comes despite Google’s efforts to police its own app store through the use of its Bouncer service.

Wyatt concluded with some advice for Android users to stay safe.

  • Be alert for unusual behaviors on your phone such as strange charges to your phone bill, unusual SMS or network activity, or application activities that launch when your device is locked.
  • Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features it provides.
  • Only download apps from trusted sources, such as reputable app stores and download sites.
  • Download a mobile security app for your phone that scans every app you download to ensure it’s safe.
Via: Cnet
Follow Us on our Channels: