Slashdot Mirror


Silent, Easily Made Android Rootkit Released At DefCon

An anonymous reader writes with news that security experts from Spider Labs released a kernel level rootkit for Android devices at DefCon on Friday. "As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number.' This ultimately results in full root access on the Android device." The rootkit was developed over a period of two weeks, and has been handed out to DefCon attendees on DVD.

2 of 133 comments (clear)

  1. Re:At talk right now ... NON-ISSUE! by bonch · · Score: -1, Troll

    It's getting really annoying seeing Google/Android fanbois falling over themselves to claim this is a non-issue, a non-story, etc. If the iPhone had a story about a rootkit, there would be 500+ comments, with half of them addressing Steve Jobs by name since Apple-haters think he can hear them.

    Every time someone claims there is no attack vector, a hacker somewhere is always drooling over the idea of proving them wrong.

  2. That's what they think. by blair1q · · Score: 1, Troll

    I bet the Android rootkit isn't the only rootkit on that CD... I for one wouldn't put anything I obtained at DefCon into any equipment I owned. Maybe not even into my shredder.