The Latest in IT Security

Android malware gain access to root

26
Aug
2011

A new malware affecting the latest version of Android operating system 2.3, Gingerbread, is now out in the wild and masquerading as an app featuring the “Beauty of the Day” photos.

The package I downloaded uses the following permissions:
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.DELETE_CACHE_FILES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.WRITE_SECURE_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RESTART_PACKAGES

Using Gingerbreak, which is the the latest exploit for gaining root access to Gingerbread, the malware gathers information about the infected device and sends it to a remote servers. In addition to exfiltrating the IMEI, phone number and SIM serial, GingerMaster creates a backdoor root shell, stored in the system partition in an attempt to survive after software upgrades, to allow for an attacker to access the device.

QuickHeal Detects these Malware files as Android.Lotoor.B and protect it’s users.

Leave a reply


Categories

MONDAY, SEPTEMBER 24, 2018

Featured

Archives

Latest Comments

Social Networks