Just days after a wallpaper app was called out for harvesting private data, security researchers have revealed another potential pitfall in Google’s popular mobile operating system. At Defcon hackers conference, Las Vegas, researchers from Spider Labs distributed a rootkit that exploits a bug present in the Android operating system.
“It wasn’t difficult to build,” said Nicholas Percoco, head of Spider Labs, who worked with his partner to develop the malware in just two weeks. The rootkit in question is able to silently gain full system access and can collect and transmit sensitive user information like e-mail and text messages. Spider Labs hopes that the public disclosure will prompt manufacturers to fix the bug present in current Android systems.
Percoco used HTC Legend and Desire handsets for the demonstration; however, he believes that other Android phones are also vulnerable. While Android’s openness is one of its biggest strengths, it can also turn out to be its biggest weakness. The open Market definitely makes it an easier target than the iPhone.