New Android malware can remotely root phones

<center><a href="http://www.bgr.com/2012/04/05/new-android-malware-can-remotely-root-phones"><img class="size-full wp-image-128334 aligncenter" title="android-robots" src="http://www-bgr-com.vimg.net/wp-content/uploads/2012/01/android-robots.jpeg" alt="" width="652" height="438" /></a></center>

Lookout Mobile Security on Tuesday published a report stating that a known malicious Android program has been updated with the ability to harm a device without depending on a user’s interaction. The new version of the “Legacy Native” (LeNa) app utilizes an exploit called <em>GingerBreak</em> to gain root permission on Android phones. The new variant of LeNa hides its payload just past the <em>End of Image</em> marker of an otherwise fully-functional JPEG. The malware is then able to communicate with a command and control server to install and launch packages unbeknown to the phone’s user. According to the report, this new version of LeNa is currently being distributed in a fake version of Angry Birds Space, but the malicious program is not believed to have made its way into <a href="http://www.bgr.com/2012/03/06/google-announces-google-play-to-replace-android-market-video/">the Google Play marketplace</a> at this time.<span id="more-134660"></span>

[Via <a href="http://threatpost.com/en_us/blogs/new-android-malware-variant-can-remotely-root-phone-040412">Threatpost</a>]

<a href="http://blog.mylookout.com/blog/2012/04/03/security-alert-new-variants-of-legacy-native-lena-identified/">Read</a>

<img src="http://feeds.feedburner.com/~r/TheBoyGeniusReport/~4/JErrtEMZ1mU" height="1" width="1"/>

Via BRG - Boy Genius Report