Android Police

Articles Tagged:

rootkit

46

Researchers finally discover how Android malware that could survive factory resets works

Earlier this year, a story made the rounds about a new kind of malware afflicting Android handsets. But it was this malware's pernicious nature that really made headlines, as it could even survive complete factory resets on afflicted phones. This insidious malware was named xHelper. At the time, we didn't know how it managed this impressive (but scary) achievement, but security researchers at Kaspersky have since dug into its inner workings, revealing an incredibly sophisticated system that installs itself to an Android phone's system partition, and even changes how the system works to prevent it from being "easily" removed.

Read More
5

Research Team Creates "Clickjack Rootkit" For Android That Can Hijack Apps, Exploit User Input

Xuxian Jiang, along with his research team at North Carolina State University, has cooked up a proof-of-concept "clickjack rootkit" which targets Android. The rootkit is unique not only in that it can function without a device restart, but also in that it targets Android's framework, not requiring deep modifications to the underlying firmware or kernel.

Clickjacking, for those unfamiliar, is a malicious technique typically used on the web to "trick" users into handing over control of their device or confidential information.

The researchers' rootkit, which can itself manipulate an infected device, works by hiding apps on a device, and redirecting app launches to said hidden apps.

Read More
46

Carrier IQ Explains How Its Software Works, Implicitly Blames HTC For Insecure Log Files, Data Leak Exposed By Trevor Eckhart

Amid the turmoil surrounding Carrier IQ, the company's VP of Marketing, Andrew Coward, has come forward in a series of interviews with a few clarifications.

For those not in the loop, the controversy around Carrier IQ is based on developer Trevor Eckhart's findings which indicated that Carrier IQ's software was indeed collecting a vast array of information, and his demonstration showing that said data could be read using a simple command – one that could be executed by any malicious app with access to logcat. This data includes location information, SMS messages, and key taps.

Before we dive into Coward's remarks on the issue of security (and why he says CIQ is not to be blamed for insecure logs), it's important to look at how CIQ actually functions on a device.

Read More
3

T-Mobile G2 Auto-Reinstalls Stock Android If You Attempt To Root

Well, we didn't see this one coming. Hackers over at XDA-Developers have discovered that there is a hardware chip limiting the hackability of the G2, undermining the owner's ability to customize the Android OS. The chip acts as a rootkit and over-writes modifications to the /system partition after rebooting.

This is a very unsettling development. Heck, I thought we had a nice dynamic working in the Android manufacturer sphere: Motorola tried to lock down everything and HTC just made sweet devices. Guess that was too naive a viewpoint to take, as with this HTC have shown themselves capable of being just as stifling as Moto.

Read More
Mastodon