Researchers Find First Malware To Utilize Root Exploit Against Android 2.3

Researchers have identified the first malware – called GingerMaster – in any market that utilizes a root exploit to take over phones running Android 2.3 (Gingerbread).

A root exploit allows the malware to operate freely because it functions at the most fundamental level of the Android system, where there are no security checks. GingerMaster gives hackers full access to the smartphone and its programs, and turns the phone into a “bot” that can be controlled remotely by hackers. A technical write-up of the malware can be foundhere.

The vulnerability that this malware is exploiting was identifiedin April, but this is the first malware found “in the wild” that takes advantage of the vulnerability.

GingerMaster was first identified Aug. 18 byXuxian Jiangand his team at NC State, in partnership with mobile security companyNetQin. So far, it has only been found in a few apps in alternative Chinese markets.

Jiang also recently discovered anew iterationof the DroidKungFu malware, which utilizes root exploits against earlier versions of the Android operating system.