Rootcager Trojan found on the official Android market
Posted on 02.03.2011
Free Android applications bundled up with malware have spilled over into the official Android marketplace.

According to Symantec, the malware in question can root the phone, harvest data and open backdoors - similar to the recent Geimini Trojan spotted lurking on third-party Chinese Android app markets.

"The applications in question are popular free apps, bundled with malware, that have then been republished in the official marketplace under different application and publisher names," says researcher Joji Hamada.

Google has jumped into the fray and removed the applications from the market, but according to Symantec's sources somewhere between 50,000 and 200,000 downloads took place during the four days that the apps were available for download.

This new Trojan has been dubbed Rootcager because of the rageagainstthecage file included in the Android Package containing the affected apps.

Rageagainstthecage is a file that can also be used to legitimately root a phone in order for the users to gain administrative rights, but in this case it's used to allow the Trojan to do things like taking screenshots, harvesting IMEI and IMSI numbers and send them to remote sites, and drop a DownloadProvidersManager Android Package that will further execute downloads in the background.

For the full list of the potentially affected apps, go here. In you think you may have installed one of them on your device, check the installed apps against it or check the “running services“ settings on your phone for the DownloadManageService started by an application.


The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 1st