We've seen our fair share of Android malware hit the scene, but the guys over at Kaspersky Labs have stumbled upon something rather alarming: the first IRC bot for Android. For those unaware, an IRC bot is a tool that provides automated function inside of an IRC channel. While very useful in many scenarios, IRC bots are also often used for malicious intent, such as the case at hand. It's worth noting here that, with the way this attack works, remote commands could be sent via any medium - SMS, webserver, etc. The attacker has just chosen IRC as the platform for this exploit.
People want to own their phones. Try as they might to frustrate their customers, networks and manufacturers are fighting a losing battle against the hacking community. The latest victory is an enormous one: the HTC Vision, better known as the T-Mobile G2 and Desire Z has finally been defeated. That pesky eMMC chip locking up the /system of the G2 has been circumvented, and full, glorious, permanent root has been attained:
12:04 < scotty2> -rw-rw-rw- root root 0 2010-11-09 03:00 test
Yep, that's full read and write permissions there, and it's permanent too. The #g2root channel has had an idea of the method to use for almost a month now, but have only just finalized the solution.