Android Malware Trend Continues, GingerMaster Targeting Gingerbread
By on August 18th, 2011

The first piece of malware for Android 2.3 ‘Gingerbread’ has been spotted. Working alongside  NetQin  -  a mobile security firm, security researcher  Xuxian Jiang  has located and detailed the inner workings of GingerMaster, the first piece of malware that attacks Android Gingerbread.

Using Gingerbreak, which is the  the latest exploit for gaining root access to Gingerbread, the malware gathers information about the infected device and sends it to a remote server. In addition to exfiltrating the IMEI, phone number and SIM serial, GingerMaster creates a backdoor root shell, stored in the system partition in an attempt to survive after software upgrades, to allow for an attacker to access the device at will.

The malware also acts as a trojan horse. Registering on a remote server, the application will sit and wait for instructions on a ‘command and control’ channel. This allows for an attacker to remotely trigger events, such as downloading and installing more malware without the user knowing or reading personal information saved on the phone.

With more and more malware for Android popping up, looking to mobile security software  as a means to protect your device is a good choice, but using more common sense with downloading applications from official stores and understanding the risks of giving permissions to apps, is a better way to protect yourself from these threats. While both Google and Apple are looking for ways to implement a “kill switch” for unauthorized devices or applications, this is a reactive measure to an inherent problem with all security implementations – they rely on the user.

Tags: , , , , ,
Author: Simon LR

Simon LR has written and can be contacted at simon@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN