Not to alarm you but Android malware is steadily on the rise. This is mostly prompted by the fact that the OS has become a massively popular mobile platform. Digital troublemakers know that the best place to wreak havoc is where there are a lot of users, and Android is just the place to be for them.
Recently, researchers have managed to detect the most dangerous Android malware example yet discovered. It’s a Trojan that exploits the ‘GingerBreak’ root hack that was discovered last April. The flaw is found in Android 2.3 and will most likely target smartphones, though tablets using the OS can also be infected.
A team in North Carolina State University, in conjunction with Chinese mobile security firm NetQin, studied the Trojan, named ‘GingerMaster’. The malware itself has many of the hallmarks of several Android Trojans that could be found circulating in Chinese third-party sites.
GingerMaster manages to intrude into a system masquerading as an app that shows pictures of women. Once downloaded and installed, the Trojan then uploads as much user and device information as it can to a remote server. This includes smartphone IMEI data and telephone numbers. After this is done, the server will then send additional malware to completely take over the smartphone.
Designed as a root hack, this malware bypasses Android’s app permission system to do as much damage as possible. It also makes it hard to stop it, short of a total reset.
Android 2.3.3 and 2.2 are deemed to be vulnerable to this Trojan. Google managed to patch the vulnerability back in April, but many users may have missed the small update. Most networks don’t roll-out updates unless it’s something major and this definitely should jumpstart their emergency measures.
To avoid getting the infected apps your smartphone, it’s best to stick to upgrade your OS and to stick to approved app sources.
Source: Hacker Journal