Rootcager Trojan found on the official Android market
Posted on 02.03.2011
Free Android applications bundled up with malware have spilled over into the official Android marketplace.

According to Symantec, the malware in question can root the phone, harvest data and open backdoors - similar to the recent Geimini Trojan spotted lurking on third-party Chinese Android app markets.

"The applications in question are popular free apps, bundled with malware, that have then been republished in the official marketplace under different application and publisher names," says researcher Joji Hamada.

Google has jumped into the fray and removed the applications from the market, but according to Symantec's sources somewhere between 50,000 and 200,000 downloads took place during the four days that the apps were available for download.

This new Trojan has been dubbed Rootcager because of the rageagainstthecage file included in the Android Package containing the affected apps.

Rageagainstthecage is a file that can also be used to legitimately root a phone in order for the users to gain administrative rights, but in this case it's used to allow the Trojan to do things like taking screenshots, harvesting IMEI and IMSI numbers and send them to remote sites, and drop a DownloadProvidersManager Android Package that will further execute downloads in the background.

For the full list of the potentially affected apps, go here. In you think you may have installed one of them on your device, check the installed apps against it or check the “running services“ settings on your phone for the DownloadManageService started by an application.






Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. It’s not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //