DroidKungFu
DroidKungFu is malware that affects the Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.[1]
History
DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang, who found the malware while working at North Carolina State University.[2] It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu can collect some user data through a backdoor.[3]
Process of DroidKungFu malware
DroidKungFu carries two different root exploits in encrypted form, a udev exploit and a "RageAgainstTheCage" exploit, which it uses to break Android security.[4] Once executed, it decrypts the exploits and communicates with a remote server without the user's knowledge.[5]
Function
- Silent mobile device rooting
- Unlocks all system files and functions
- Installs itself without any user interaction
Data collected
- IMEI number
- Phone model
- Android OS version
- Network operator
- Network type
- Information stored in phone and SD card memory[6]
See also
- Botnet
- Command and control (malware)
- Denial-of-service attack
- File binder
- Shedun
- Trojan horse
- Zombie (computer science)
- Zeus (malware)