This New Android Malware Can Gain Root Access to Your Smartphones

An unidentified threat actor has been linked to a new Android malware strain that can root smartphones and take complete control of infected devices while simultaneously taking steps to evade detection.
Lookout Threat Labs said it found a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps, seven of which contained the rooting functionality.
"While rare, rooting malware is very dangerous. By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant themselves dangerous permissions or install additional malware - steps that would normally require user interaction," Lookout researchers said.
"Elevated privileges also give the malware access to other apps' sensitive data, something not possible under normal circumstances."
Once installed, the attack chain is designed to use one of five exploits for older Android security flaws that would allow it to gain root permissions and take over the device, extract sensitive data, and transmit it to a remote attacker-controlled server.
Lookout attributed the mass-distributed rooting malware campaign to a "well-resourced group with financial motivation," with telemetry data revealing that Android device users in the U.S. were the most impacted.