Security Researchers Develop Proof-of-Concept Rootkit for Android Phone

Paul Lilly

Here's a scary thought - you may soon have to worry about security on your smartphone just as you do on your PC. Up to this point, cell phone security has almost been an afterthought, at least in the public's eye, but that's about to change. Two researchers from Trustwave -- Nicholas J. Percoco and Christian Papathanasiou - are scheduled to demo a rootkit running on an Android-based smartphone at the Defcon security conference in Las Vegas next month.

"We have developed a kernel-level Android rootkit in the form of a loadable kernel module. As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number'. This ultimately results in full root access on the Android device. This will be demonstrated (live)," the two researchers wrote.

As the security duo point out, "the implications of this are huge." With full rootkit access, attackers would be able to read all SMS messages on the phone, drive up long distance phone bills, and could even hunt down the owner's exact GPS location. The flexible rootkit can be installed over-the-air or alongside a rogue app, the researchers says.

Percoco and Papathanasiou didn't say exactly how they were able to bypass Android's security measures to install the rootkit in the first place, but did say why they zeroed in on Android.

"Android forms a perfect platform for further investigation due to its use of the Linux kernel and the existence of a very established body of knowledge regarding kernel-level rootkits in Linux," they wrote.

Image Credit: Download.com

Around the web

by CPMStar (Sponsored) Free to play

Comments