• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Current News   »   Gingerbread-specific malware spotted in the wild

Gingerbread-specific malware spotted in the wild

  • Posted on:September 1, 2011
  • Posted in:Current News, Privacy & Policy
  • Posted by:
    Trend Micro
0

The first example of a malware program specifically targeted at the latest version of Google's Android mobile OS, known as Gingerbread, was discovered this month by North Carolina State University researcher Xuxian Jiang.

Worryingly, Jiang wrote in a recent blog entry announcing his find, the so-called GingerMaster malware takes advantage of a known root access vulnerability to evade detection by most mobile antivirus software systems.

According to Jiang, GingerMaster is a development of the known DroidKungFu malware, which uses a similar root access exploit to get around data protection measures on devices running Android 2.2 and below.

GingerMaster is distributed primarily through repackaged versions of popular Android apps, the researcher said.

Jiang said that the infection is a two-stage process. First, GingerMaster is installed via a compromised .apk, at which point it contacts a C&C server and sends a large amount of information, including phone number and device ID. In response, the C&C server downloads the aforementioned exploit itself, which installs the malware silently on the infected device and grants itself root access.

The researcher stressed that the malware is a serious threat to data security on Android devices, and urged users to download files only from reputable app markets. Additionally, he said, internet security programs should be used and regularly updated to provide additional protection against GingerMaster and other potential threats. Carefully monitoring phone behavior for unusual activity and thoroughly understanding all permissions requested by an app during installation are also good ways to ensure a mobile device doesn't get infected by malicious code.

CSO Online reported that GingerMaster and similar precursors like DroidKungFu are most frequently found on third-party app markets hosted in China. That publication also noted that Google's recent purchase of Motorola may be an attempt to help regulate the way its software is distributed to end users and improve data protection possibilities.

According to ComputerWorld, numerous data protection companies agree that the amount of Android malware in the wild has spiked noticeably in recent months, undoubtedly due to the correspondingly rapid increases in the number of Android users. Such malware has even been seen in the official Android app store, as Google was forced to yank a number of apps this spring when they were found to be infected with the DroidDream Trojan.

Related posts:

  1. New malware may anger Angry Birds lovers
  2. Mobile malware on the rise, study finds
  3. Can malware be spotted in TLS without having to decrypt the traffic?
  4. Which specific malware trends should American businesses be prepared for?

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.