x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • RootSmart malware can give itself root on Android 2.3, connect to a botnet

RootSmart malware can give itself root on Android 2.3, connect to a botnet

Posted: , by Scott H.

Tags:

RootSmart malware can give itself root on Android 2.3, connect to a botnet
First of all, don’t freak out. Unless you are a Chinese consumer using an Android 2.3 handset that runs apps from an unofficial app market, in which case you may want to freak out just a little if your phone has been sending out strange texts without your bidding. Otherwise you are almost certainly in the clear.

Ok, calmed down? What’s happened is that a new bit of malware is being circulated in China that attacks Android handsets running Gingerbread (Android 2.3).  The malware, known as RootSmart, spreads itself through what appear to be legitimate apps in unofficial app markets. The malware then downloads a copy of Gingerbreak – the one-click root solution for Gingrebread devices – and proceeds to give itself root access. At that point the malware can take control of parts of your phone that you didn’t give it permission to initially, and that can cost you money (and make money for the nefarious hackers) by sending premium text messages or using other premium services.

RootSmart is not known to occur on the Android Market, and Google’s recently revealed  Bouncer security system was created to stop just these sorts of things. But it does highlight the downsides to one-click rooting methods – those methods are called “exploits” for a reason, as they circumvent the operating system’s own security features, opening up holes for less savory bits of code to break in through.

Not that this means that rooting is inherently bad, but root methods that require connecting the device to your computer are obviously not going to be able to be utilized by malware. At least not until hackers learn how to pull off that trick the bad Transformers pulled with the Allspark in the Michael Bay movies.

Remember, if you’re concerned about malware, you should probably stick to the official Android Market or Amazon’s App Store. If you are a Chinese user and you aren’t on Android 2.3 you should also be ok. If you happen to be rocking a Gingerbread handset in The Middle Kingdom, you should probably be vigilant about what apps you install, and stay on the lookout for odd activity. Installing a security app couldn’t hurt either.

source: Xuxian Jiang via The Verge

11 Comments
  • Options
    Close




posted on 09 Feb 2012, 19:48 2

1. mozes316 (Posts: 142; Member since: 30 Sep 2011)


This is getting pretty serious... I hope their is something in the works to prevent this from being more of an issue.

I chose Mac over my PC because of this type of stuff... their is no way I'm leaving my Nexus for an iPhone. :/

posted on 09 Feb 2012, 20:42 5

2. squallz506 (banned) (Posts: 1075; Member since: 19 Oct 2011)


There is a solution, don't use unofficial chinese app markets. Problem solved.

posted on 09 Feb 2012, 22:26 2

5. mozes316 (Posts: 142; Member since: 30 Sep 2011)


lmao Thanks for the tip, bro. Very insightful and all. I feel it's still an issue, this isn't the first case of Malware, their has been some cases close to home, if I'm not mistaking.

Also, I'm thinking of Android as whole, so reguardless if its in China or in the states, I want Google to be on top as it should be.

And why am I getting thumbed down for a valid concern? lol

posted on 09 Feb 2012, 23:24 3

6. twenti7 (Posts: 152; Member since: 09 Jul 2011)


Because you said "Mac". It's a dirty word to some people here.
But I agree. Google definitely needs to be on top of threats like this.

posted on 10 Feb 2012, 07:54 1

10. mozes316 (Posts: 142; Member since: 30 Sep 2011)


lol Thats what I figured... A damn shame.

posted on 09 Feb 2012, 21:08 2

3. theBankRobber (Posts: 642; Member since: 22 Sep 2011)


Always a problem with Chinese devices, whenever its about malware, its a Chinese app issue. I just stick the Android market and slide me market.

posted on 09 Feb 2012, 22:15

4. Stuntman (Posts: 669; Member since: 01 Aug 2011)


So what you are reporting is that there is Android malware that I will not get on my phone.

posted on 10 Feb 2012, 00:50 1

8. Scott_H (Posts: 167; Member since: 28 Oct 2011)


We're reporting that malware has adopted a new trick, but luckily you probably won't be a target right now.

posted on 09 Feb 2012, 23:51 3

7. protozeloz (Posts: 5326; Member since: 16 Sep 2010)


Pro tip. Root your phone a rooted phone can't be root again without permission .SU

PRO TIP #2 stick with official app stores those are safe. Better pay for an app than getting a virus for being miserable

posted on 10 Feb 2012, 04:34

9. Leo_MC (Posts: 394; Member since: 02 Dec 2011)


I don't get root on Android...
I mean, I used to use Linux and I never heard of this kind of a problem: a piece of software being able to obtain root when installed in a limited account.

posted on 12 Feb 2012, 16:18

11. WellBeSerious12 (Posts: 7; Member since: 20 Oct 2011)


LOL! Idiots! Reminds me of people who "forget" to install any kind of security, *no matter the OS*!

Want to comment? Please login or register.

Latest stories