Forgot your password?
typodupeerror
Google

+ - SPAM: Android rootkit is just a phone call away

Submitted by alphadogg
alphadogg (971356) writes "Hoping to understand what a new generation of mobile malware could resemble, security researchers will demonstrate a malicious "rootkit" program they've written for Google's Android phone next month at the Defcon hacking conference in Las Vegas.

Once it's installed on the Android phone, the rootkit can be activated via a phone call or SMS message, giving attackers a stealthy and hard-to-detect tool for siphoning data from the phone or misdirecting the user. "You call the phone, the phone doesn't ring, and when the phone realizes that it's being called by an attacker's phone number, it sends him back a shell [program]," said Christian Papathanasiou, a security consultant with Chicago's Trustwave, the company that did the research.

Because the rootkit runs as a module in Android's Linux kernel, it has the highest level of access to the Android phone and can be a very powerful tool for attackers. For example, it could be used to reroute a victim's 911 calls to a bogus number. The rootkit could also track a victim's location or even reroute his browser to a malicious Web site. On its own, Trustwave's rootkit isn't much of a threat to Android users. That's because a criminal would first need to figure out how to install the software on a victim's phone. This could be done by building the rootkit into a rogue application sold via the Android Market, or by exploiting a new, unpatched bug in Android's Linux kernel that could allow the program to be installed."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Android rootkit is just a phone call away

Comments Filter:

He: Let's end it all, bequeathin' our brains to science. She: What?!? Science got enough trouble with their OWN brains. -- Walt Kelly

Working...