Most Sophisticated Android Bootkit Malware ever Detected; Infected Millions of Devices



Barely two months ago we reported on the first widely spread Android bootkit malware, dubbed ‘Oldboot.A’, which infected more than 500,000 smartphone users running the Android operating system worldwide over the last eight months, especially in China.

Oldboot is a piece of Android malware designed to re-infect mobile devices even after a thorough cleanup. It resides in the memory of infected devices; it modifies the device’s boot partition and boot script file to launch a system service and extract a malicious application during the early stage of system boot.

Yet another alarming report about Oldboot malware has been released by Chinese security researchers from ‘360 Mobile Security’. They have discovered a new variant of the Oldboot family, dubbed ‘Oldboot.B’, designed exactly like Oldboot.A, but the new variant has advanced stealth techniques, especially for defending against antivirus software, malware analyzers, and automatic analysis tools. “The Oldboot Trojan family is the most significant demonstration of this trend,” researchers said.

Oldboot.B, the Android bootkit malware, has the following abilities:

- It can install malicious apps silently in the background.
- It can inject malicious modules into system processes.
- It can prevent malware apps from being uninstalled.
- It can modify the browser’s homepage.
- It can uninstall or disable installed mobile antivirus software.
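The boot-script persistence described above can be checked for by comparing the `service` entries in a device's boot script with those of the stock firmware. The following is an added example, not code from the article or from the 360 Mobile Security researchers; it assumes the boot script is Android's init.rc extracted from the boot image and that a known-good copy is available, and the service name `example_chk` and all sample paths are constructed.

```python
# Added example: diff init.rc `service` entries against a known-good baseline.

def parse_services(rc_text):
    """Return {name: {"cmd": [binary, args...], "options": [...]}} from init.rc text."""
    services, current = {}, None
    # Join backslash-continued lines before splitting into lines.
    for raw in rc_text.replace("\\\n", " ").splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "service" and len(words) >= 3:
            current = words[1]
            services[current] = {"cmd": words[2:], "options": []}
        elif words[0] in ("on", "import"):
            current = None  # a new section ends the current service block
        elif current is not None:
            services[current]["options"].append(" ".join(words))
    return services

def diff_services(baseline_rc, device_rc):
    """List services that are new, or whose command or options differ from baseline."""
    base, dev = parse_services(baseline_rc), parse_services(device_rc)
    findings = []
    for name, svc in sorted(dev.items()):
        if name not in base:
            findings.append(("added", name, svc["cmd"][0]))
        elif svc["cmd"] != base[name]["cmd"]:
            findings.append(("command-changed", name, svc["cmd"][0]))
        elif svc["options"] != base[name]["options"]:
            findings.append(("options-changed", name, svc["cmd"][0]))
    return findings

# Constructed sample input: a stock init.rc fragment and a tampered copy.
BASELINE_RC = """\
on boot
    start servicemanager

service servicemanager /system/bin/servicemanager
    class core
    user system

service vold /system/bin/vold
    class core
"""
DEVICE_RC = BASELINE_RC.replace("/system/bin/vold", "/sbin/vold") + """
service example_chk /sbin/example_chk
    class core
    oneshot
"""

if __name__ == "__main__":
    for kind, name, path in diff_services(BASELINE_RC, DEVICE_RC):
        print(f"{kind:16} {name:16} {path}")
```

Any finding warrants a closer look at the referenced binary in the boot image, since a legitimate firmware update can also change these entries.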

 

INFECTION & INSTALLING MORE MALWARE APPS

Once an Android device is infected by the Oldboot.B trojan, it listens on a socket continuously and receives and executes commands from the attacker’s command-and-control server.

The malware has some hidden ELF binaries, which include steganographically encrypted strings, executable code and a configuration file downloaded from the C&C server, located at az.o65.org (IP is 61.160.248.67).

After installation, the Oldboot Trojan installs lots of other malicious Android applications or games on the infected device, which are not manually installed by the user.

Source: http://whogothack.blogspot.co.uk/2014/04/most-sophisticated-android-bootkit.html#.VmHrflUrLIU

The post Most Sophisticated Android Bootkit Malware ever Detected; Infected Millions of Devices appeared first on Am I Hacker Proof.
