In what’s turning out to be a busy couple of days for security threats, Lookout Mobile Security has discovered that the Legacy Native (LeNa) malware of last fall is back, and capable of remotely gaining root access to Android devices.
Last year’s version posed as an authentic application, and relied on user interaction to acquire access and covertly install a native binary file. After infiltrating the device, it could then gather various information, and although the threat of infection was relatively minimal, it did crop up a few times in the old Android Market – known these days as the Google Play Store.
The new iteration takes advantage of an exploit known as GingerBreak in order to secure root permission to an Android device. It obscures its payload just past the End of Image marker of an otherwise normal JPEG image file, and can then communicate with a remote command and control server, launching packages under the nose of the oblivious user. The result is, you guessed it, a rooted Android device.
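A defender can check an image for data hidden past the End of Image marker by walking the JPEG marker structure rather than searching for the first or last `FF D9`. The following is an added example, not Lookout's code or tooling; the function names and the sample bytes are constructed for illustration.

```python
import struct

def jpeg_trailing_data(data: bytes) -> bytes:
    """Walk the JPEG marker structure and return any bytes after End of Image."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing Start of Image marker")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:   # skip fill bytes
            pos += 1
        if pos >= len(data):
            break
        marker = data[pos]
        pos += 1
        if marker == 0xD9:                  # EOI: everything after it is trailing
            return data[pos:]
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:   # markers with no length
            continue
        if pos + 2 > len(data):
            break
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2:
            raise ValueError(f"bad segment length at offset {pos}")
        pos += length                       # also skips thumbnails inside APPn
        if marker == 0xDA:                  # SOS: entropy-coded data follows
            while pos + 1 < len(data):
                nxt = data[pos + 1]
                if data[pos] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break                   # a real marker, not stuffing or RSTn
                pos += 1
    raise ValueError("truncated JPEG: no End of Image marker")

def build_sample(trailer: bytes = b"") -> bytes:
    """Constructed JPEG-shaped input (marker structure only, not a real image)."""
    thumb = b"\xff\xd8\xff\xd9"             # stand-in thumbnail with its own EOI
    app1 = b"\xff\xe1" + struct.pack(">H", 2 + len(thumb)) + thumb
    sos = b"\xff\xda" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00"
    scan = b"\x12\xff\x00\x34\xff\xd0\x56"  # byte stuffing and an RST marker
    return b"\xff\xd8" + app1 + sos + scan + b"\xff\xd9" + trailer

if __name__ == "__main__":
    for name, blob in [("clean", build_sample()),
                       ("padded", build_sample(b"CONSTRUCTED"))]:
        extra = jpeg_trailing_data(blob)
        print(f"{name}: {len(extra)} trailing byte(s) after EOI")
```

Some cameras and editors also append data after the End of Image marker, so a non-empty result is a reason to inspect the bytes rather than a verdict.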
Apparently, the new LeNa strain currently operates under the guise of Rovio’s latest outing "Angry Birds Space," but users are assured that the malware has not yet made its way to the Google Play Store, so there’s presently no need to be more than moderately alarmed.
Android’s open-source nature renders it a fertile ground for such applications to ply their trade. The plethora of alternative markets makes it difficult to track some of the well-put-together illegal apps and files carrying all manner of potential risk and threat, which is indeed not a good thing at all.
Android has drawn a lot of negative press due to the sheer amount of malware and infections threatening the 100+ million army of Android users. Despite Google’s efforts to break the chain with its Bouncer implementation, it hasn’t exactly instilled masses of confidence among consumers. A strain of malware attaching itself to Facebook was still operating under the Bouncer’s nose, and ever since, things seem to have gone from bad to worse.
Let’s hope this threat doesn’t become a serious issue threatening security.
To wrap it all up, what do you – the readers – make of all this? Do you think this can potentially lead to labeling Android as an unsafe mobile OS to use? Drop your thoughts on the usual mediums given below.