Android malware gains root access

A new malware affecting the latest version of Android operating system (2.3 – Gingerbread) is now out in the wild and masquerading as an app featuring some “Beauty of the Day” photos.

The package I downloaded uses the following permissions:
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.DELETE_CACHE_FILES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.WRITE_SECURE_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RESTART_PACKAGES

Using Gingerbreak, which is the the latest exploit for gaining root access to Gingerbread, the malware gathers information about the infected device and sends it to remote servers. In addition to exfiltrating the IMEI, phone number and SIM serial no., GingerMaster creates a backdoor root shell stored in the system partition in an attempt to survive after software upgrades to allow an attacker access to the device.

Quick Heal detects these malware files as Android.Lotoor.B and protects its users.

Ranjeet Menon

Ranjeet Menon

You may also like...

The growing threat of mobile malware: Top Android malware families of 2012

Spam SMS messages on the rise: Quick Heal mobile threat detection numbers

5 effortless steps to block Facebook spam from reaching your news feed

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image

This website uses cookies to ensure you get the best experience on our website. Learn more