Hackers Get Lazy, Build Trojan On Top of Android Rooting Utility

An anonymous reader writes: Instead of creating their own exploits, some lazy Chinese hackers took the Root Assistant Android rooting toolkit and remodeled it into a trojan, which they packed inside copies of legitimate apps (distributed via unofficial app stores). Until now, only seven apps were repackaged, and only 600 users infected. A weird thing: there's a XML file in the trojan that prevents it from infecting Chinese users.

Just good software-engineering practice

[gweihir]

Do not re-invent the wheel, re-use what is already there. What we are seeing here is a transition from the "genius" hacker (in reality often not even reasonably smart, but very persistent and focused) to normal engineers (engineers without morals to be sure, but history is full of them). The thing that allows this transition is the abysmally bad state of software and device security, which seems to be getting worse, not better.

Drivers here are classical greed and stupidity, and fascist fantasies of being able to snoop on everybody anywhere, anytime. There are only two outcomes: Security gets fixed (which is a major, major undertaking and requires a cultural change) or we will see a rather drastic end of the advantages of the information age for most people with just a few small elites still profiting.