Security Researchers Develop Proof-of-Concept Rootkit for Android Phone
Here's a scary thought - you may soon have to worry about security on your smartphone just as you do on your PC. Up to this point, cell phone security has almost been an afterthought, at least in the public's eye, but that's about to change. Two researchers from Trustwave, Nicholas J. Percoco and Christian Papathanasiou, are scheduled to demo a rootkit running on an Android-based smartphone at the Defcon security conference in Las Vegas next month.
"We have developed a kernel-level Android rootkit in the form of a loadable kernel module. As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number'. This ultimately results in full root access on the Android device. This will be demonstrated (live)," the two researchers wrote.
As the security duo point out, "the implications of this are huge." With full root access, attackers would be able to read all SMS messages on the phone, drive up long distance phone bills, and could even hunt down the owner's exact GPS location. The flexible rootkit can be installed over-the-air or alongside a rogue app, the researchers say.
Percoco and Papathanasiou didn't say exactly how they were able to bypass Android's security measures to install the rootkit in the first place, but did say why they zeroed in on Android.
"Android forms a perfect platform for further investigation due to its use of the Linux kernel and the existence of a very established body of knowledge regarding kernel-level rootkits in Linux," they wrote.
Mazter_Jedi
June 03, 2010 at 5:55am
If you have figured out how to hack a device and explore uncharted territory such as this, just share it with the DOD and the security companies. NO need to demonstrate it in public!!!!
Do. Or do not. There is no try.
Hangdog42
June 03, 2010 at 11:22am
They haven't figured out how to "hack" anything. Notice this little tidbit:
Percoco and Papathanasiou didn't say exactly how they were able to
bypass Android's security measures to install the rootkit in the first
place,
It's a rootkit. Which means that you have to have root level access to install it, and Android phones don't allow that unless you've purposely rooted your phone. Just installing an app from the Marketplace doesn't do it. All they've done is written a kernel module that can do bad things. Big whoop. For this to be a threat, a user would have to:
1) Download an infected app
2) Purposely root their phone
3) Give the infected app root access
Not many people are that dumb.
geewhipped
June 03, 2010 at 10:17am
live demos at defcon/blackhat/etc exist because simple disclosure doesn't work.
you have to make a spectacle out of it and get it into the news, otherwise the companies that feel threatened by it will simply shove it into a drawer and pretend it doesn't exist.
ask any white-hat and they'll tell you: the only reliable way to get a problem fixed is to
a) disclose the problem/vuln to the parties that have the power to fix it
b) tell them you'll be demonstrating a proof-of-concept hack at a specific date in the future so they have until then to fix it.















