Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Rootkit Is Just a Phone Call Away

Posted by samzenpus on from the dial-M-for-malware dept.

alphadogg writes "Hoping to understand what a new generation of mobile malware could resemble, security researchers will demonstrate a malicious 'rootkit' program they've written for Google's Android phone next month at the Defcon hacking conference in Las Vegas. Once it's installed on the Android phone, the rootkit can be activated via a phone call or SMS message, giving attackers a stealthy and hard-to-detect tool for siphoning data from the phone or misdirecting the user. 'You call the phone, the phone doesn't ring, and when the phone realizes that it's being called by an attacker's phone number, it sends him back a shell [program],' said Christian Papathanasiou, a security consultant with Chicago's Trustwave, the company that did the research."

3 of 190 comments (clear)

  1. just like installing a trojan on your computer! by Anonymous Coward · · Score: 5, Interesting

    ...which could let the hacker get access.

    I am an Android developer--- and this article is fail. If a user just installs whatever app--- giving it whatever permissions to their phone.. how is this any different from a stupid user installing an app on their PC/MAC that has a trojan built in?

    And the ability to "listen" for a call is called a BroadcastReceiver. It's nothing special or hackish. Think a trigger ruleset for Android like you have for your mail client.

    Good god.

  2. Talk about misleading headline! by AC-x · · Score: 5, Insightful

    The headline makes it sound like you can get infected with a root kit from a phone call which is nothing like what's being said, what a load of sensationalist bollocks.

    Why would you even want to activate a root kit via a phone call? The phone's got a permanent internet connection so it may as well just poll a server for commands.

  3. Code can run on processors if installed properly. by GNUALMAFUERTE · · Score: 5, Insightful

    Film at 11.

    This guys installed a fucking KERNEL MODULE into that system. Well, they can make it receive calls, or they can make it play fucking tetris. It's code. You can write whatever you want, and execute it however you want, if you have access!

    Being able to run code in a given processor is NOT AN EXPLOIT, it's just basic functionality. If I got ahold of your computer, installed a CD drive in it, erased your OS, then installed Ubuntu on it, and used that to play tetris, is that considered a vulnerability too?

    It would be a vuln if they had the ability to install that fucking rootkit without physical access to the phone. That's the hard part.

    Article is FUD and submiter is trolling. 0/10

    --
    WTF am I doing replying to an AC at 5 A.M on a Friday night?