Android malware gives itself root access, costs you a fortune

Android malware gives itself root access, costs you a fortuneWe’re well used to scaremongering from security chaps who conveniently offer peace-of-mind solutions for a small fee, but given that this latest malware outbreak appears to be specific to China, we’ll leave the salt to the side for now.

Symantec and Xuxian Jiang, a professor of computing science at North Carolina State University, have been dishing the dirt on the dastardly RootSmart.

As is often the case with these outbreaks, RootSmart piggybacks on seemingly legitimate apps downloaded from third party sources. To be fair to our Chinese friends, the official Android Market is blocked in China.

RootSmart initially lies dormant and masks itself as com.google.android.smart, waiting for an event – such as an outgoing call – before connecting to a server made of pure evil and downloading GingerBreak.

With GingerBreak, RootSmart gives itself increased privileges, and as such is able to start making premium rate calls and sending premium rate messages. Bad times. Symantec figures RootSmart is raking in anything from $1,600 to $9,000 daily.

On the plus side, according to Symantec, RootSmart is only active on two Chinese mobile networks, and in fact ignores infected devices outside the unfortunate two.

However, it’s probably best to leave that Sexy Chinese Strip Girls 5 app alone for now.

via: Informationweek

Read more about: Android

Add a comment
3 comments

matt101101 / MOD  Feb. 10, 2012 at 14:05

It also would only affect 58% of devices...those running GB, since it uses GingerBreak to gain root access. Also, I know GingerBreak doesn't work on the S2, so I bet it doesn't work on other devices running 2.3 as well.

Yet another Android malware non-issue, basically.

MDrX  Feb. 10, 2012 at 15:28

Doesn't sound like a non-issue to me, in fact it sounds like those issues Microsoft were having with IE6. Yes, a later version is out and a patch but not everyone has it and when you start talking about places like China, well, it isn't just going to go away.

Ask Google about those IE6 issues in China.

Treab  Feb. 10, 2012 at 16:19

Symantec figures RootSmart is raking in anything from $1,600 to $9,000 daily.

is that per person or per country.. cause china has what 1.6 billion people? now lets say its 9k for the whole country its hardly the biggest fraud ever...

Email:

You don't need an account to comment. Just enter your email address. We'll keep it private.

Comment: