Android.Bmaster Exploits root access to connect to Botnet  

Monday, February 20, 2012

A new piece of Android malware named Android.Bmaster, first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog.

This Malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread. RootSmart is designed to escape detection by being named “com.google.android.smart,” which the same name as a settings app included by default with Android operating systems.

Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated.“The malware posts some user and phone-specific data to the remote address and attempts to download and run an APK file from the server. The downloaded file is the second stage in the malware and is a Remote Administration Tool (RAT) for Android, detected as Android.Bmaster. This type of malware is used to remotely control a device by issuing commands from a remote server”. Keep reading

Removal Tool

[ source ]

AddThis Social Bookmark Button

Design by Amanda @ Blogger Buster