Android’s biggest weakness may be the huge numbers in which smartphones running the software have sold, and it’s fairly safe to say at this point that phones and tablets running various flavors of Android are less than secure. In fact, the hacking of Android-powered devices is such a problem that it has attracted plenty of attention from the security fraternity.
Keen to shed light on the issue of compromised phones, Chinese firm 360 Mobile Security has done some digging into the 500,000 devices that are suspected of carrying a particularly nasty piece of malware: Oldboot.
Oldboot’s claim to fame is that even though there is a free tool to detect and hopefully remove the malware, things aren’t quite as simple as one would hope. According to the research, Oldboot is capable of living inside a device’s memory, modifying its boot partition and associated scripts so that it can survive. Its ability to avoid eradication is only part of the problem though, because Oldboot can do all manner of nasty things once it’s got its claws into your Android-powered device, such as installing apps on its own, uninstalling security measures and injecting malicious code into system operations. That’s enough for Oldboot to get up to some particularly nasty tricks indeed.
While it’s not clear what Oldboot’s endgame is, the family of trojans to which it belongs isn’t new, and profit is the driving force behind it. The Oldboot family of malware is capable of quickly adapting to what it sees as threats, making it particularly powerful. The fact that it can prevail even after a seemingly thorough cleanup of the device it has infected is particularly troublesome, and potentially means that it’s still running on a huge number of devices whose owners think they’re rid of it.
It’s unclear where Oldboot comes from or how it is infecting devices, but the tool from 360 Mobile Security that claims to rid phones of the malware is something many will want to have in their arsenal. It’s free, so there’s no reason not to give it a try, just to make sure you’re clean!
(Source: 360MobileSecurity [Google Translate])