Thursday, June 30, 2016

One BackDoor, multiple passages (Part 5)

Ever heard of the words 'root' or 'rooting' used on Android Smartphones? What exactly does it mean? Do roots literally come out of our smartphones or what?!

Today we'll be discussing rooting and an Android BackDoor that can perform such a feat on our smartphones.



What is 'root' / 'rooting'?

Rooting is a term used to describe the process of unlocking the operating system (in this case, Android) in order to install or uninstall certain apps (bloatware), update the OS, replace the device's firmware, overclock/underclock the processor, customize anything, etc.

Basically, this means that when you 'root' your device, you can pretty much do anything and everything to your device (Well, not everything. LOL. As long as you know what you're doing, you'll be safe. Sorta.). It's like opening your device's Pandora's Box.


"Ah~ it's kinda like jailbreaking.".

Yes. And as long as you know what you're doing, you'll be ok (hopefully). But what happens when a malware named Android.BackDoor.213.origin does it to your smartphone?! "Oh me! Oh my! Oh dear!".



What does Android.BackDoor.213.origin do?

When Android.BackDoor.213.origin is installed and launched on the device, it will immediately try to get root privileges by using various tools stored inside its program package.

If this malware succeeds in gaining root privileges on the infected device (Oh no!), it will remove the su and HTMLViewer applications from the system and inject a malicious modification of HTMLViewer, which contains Android.BackDoor.114.origin, into /system/app. This Trojan is also capable of placing its own version of su and busybox in /system/xbin.



Wait, What's that additional Android.BackDoor.114.origin?

Ah, Android.BackDoor.114.origin has functions similar to Android.BackDoor.213.origin, such as sending all retrieved data to a command and control server along with the contents of /system/build.prop, checking whether the option to install applications from unreliable sources is disabled (if it is, the Trojans will activate it), and sending SMS messages to premium-rate numbers.
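As an added defender-side example (not from the original post or from Dr.Web's write-up), here is a shell check for the on-disk side effects described above: the dropped su/busybox in /system/xbin, the replaced HTMLViewer in /system/app, and the unknown-sources setting. It assumes a pre-Android 5.0 layout with /system/app/HTMLViewer.apk, that you supply the SHA-256 of HTMLViewer.apk from a known-clean firmware of the same build (placeholder), and that it runs either over a pulled or mounted copy of the device or with an empty root inside adb shell.

```shell
# Added example, not from the original post or from Dr.Web's write-up.
# ROOT is a directory holding a pulled/mounted copy of the device, or "" for the
# live device inside `adb shell`. REF_HASH is the SHA-256 of HTMLViewer.apk taken
# from a clean firmware of the same build (placeholder: you must supply it).
check_backdoor213_indicators() {
    root="$1"
    ref_hash="$2"

    # 1. The Trojan drops its own su and busybox into /system/xbin. Neither belongs
    #    on an unrooted stock device, so their presence alone is worth a look.
    for bin in su busybox; do
        [ -e "$root/system/xbin/$bin" ] && \
            echo "FOUND: $root/system/xbin/$bin present"
    done

    # 2. The stock HTMLViewer is removed and replaced with a modified copy. Check
    #    that the package still exists and that it matches the clean reference.
    #    (/system/app/HTMLViewer.apk layout is assumed, pre-Android 5.0.)
    apk="$root/system/app/HTMLViewer.apk"
    if [ ! -e "$apk" ]; then
        echo "FOUND: $apk missing"
    elif [ -n "$ref_hash" ]; then
        actual=$(sha256sum "$apk" | cut -d' ' -f1)
        [ "$actual" = "$ref_hash" ] || \
            echo "FOUND: $apk sha256 $actual differs from clean reference"
    fi

    # 3. Both Trojans switch on "install from unknown sources". This can only be
    #    read on a live device (the settings command exists on Android 4.2+), so
    #    it is skipped when checking an offline image.
    if [ -z "$root" ] && command -v settings >/dev/null 2>&1; then
        [ "$(settings get secure install_non_market_apps)" = "1" ] && \
            echo "FOUND: install_non_market_apps is enabled"
    fi
    return 0
}

# Helper for scripting: number of FOUND lines for a given image and reference hash.
count_backdoor213_indicators() {
    check_backdoor213_indicators "$1" "$2" | grep -c '^FOUND:' || true
}
```

Any FOUND line is a reason to pull the device image for a closer look; a clean stock device should produce none.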




Article Refs:
http://www.cnet.com/how-to/how-to-easily-root-an-android-device/ (for the definition of root/rooting)
http://vms.drweb.com/virus/?_is=2&i=7562236 (for Android.BackDoor.213.origin)
http://vms.drweb.com/search/?q=Android.Backdoor.114 (for Android.BackDoor.114.origin)
