Mobile phones are as vulnerable to viruses and malwares today as their bigger computer cousins. This fact was demonstrated by computer scientists at the North Carolina State University when they created a prototype rootkit for Android operating system. What users need to do to get infected by this seemingly harmless software is to click an infected but otherwise innocent looking application to launch the malicious software. And unlike the usual rootkits today, this type attacks the application framework instead of the Android operating system kernel, making if easy to develop and deliver.
The prototype malware was created by a team of researchers led by the University’s computer science professor Xuxian Jiang, who is also the founder of the Android Malware Genome Project. His rootkit can be installed without needing the user to reboot the phone, eliminating detection or alerting the user. Professor Jiang had demonstrated before that there are “leaks” in the permission feature of standard application configurations from big Android handset makers, allowing malicious applications to take over many of the features of the operating system.
To make Jiang’s rootkit more effective, the current mobile security software cannot detect it. The malware can be delivered through an infected application downloaded from a legitimate app store. The suspicious app can then take over the phone without the user knowing it or doing anything.
After the app is installed, it can redirect laucnhes of visible “apps” to hidden apps, where it take shelter from prowling security software installed on the phone. The rootkit can intercept whatever a user enters to a phone like credit card numbers, text messages, and many others. This makes the app a nasty one.