The seemingly impenetrable and secure interface of Android has been increasingly coming under scrutiny because of the security threats it has been facing. Last year, we found out that the pre-installed app called CarrierIQ can record our every swipe and key press and if that was not enough a new malware is believed to have the ability to gain root access to your android phone and wreak all sorts of havoc in it . This new malware goes by the name of Legacy Native (LeNa) and a few of us might recognize it as the (godforsaken) app which originally pretended to be a legitimate app and attempted to trick a user into activating its malicious payload by calling the SU utility and gaining root access through it.
Lookout Mobile Security learned that a new variant of the ‘Legacy Native’ (LeNa) malware that first appeared last fall has struck once again and this time it’s even more dangerous. The newer version of the malware is capable of remotely gaining root access in all Android enabled devices without depending on user permission, unlike its predecessor.
The new strain is even cleverer as it makes use of a trick known as GingerBreak to acquire root access to an Android device. What’s interesting is that it hides its payload just beyond the End of Image marker of any usual fully functional JPEG image and then starts communication with a remote control and command server without the user ever suspecting it to launch packages right under his nose, converting it into a rooted device.
This variant has chosen the latest installment of Rovio’s ‘Angry Birds Space‘ as its current disguise but users need not worry too much as it is thought to have not yet reached the Google Play store. Although users cannot take a complete sigh of relief because the danger of an imminent threat lurks around and they should be wary of downloading apps from alternative markets. The open source nature of Android makes it an easy target for such threats.
But if you want to secure your phone from such threats, be alert for unusual behaviors on your phone, always check the permissions which an app requests, only download apps from trusted sources and last but not the least download a mobile security app for your phone that scans every app you download to ensure its safety.