DroidKungFu is a malware that affects Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.1
History
DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang. The two discovered this malware while working at North Carolina State University.2 It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu malware can collect some user data through backdoor hacking.3
Process of DroidKungFu malware
DroidkungFu encrypts two different root exploits: a udev exploit and a "RageAgainsTheCage" exploit, to break android security.4 Once executed, it decrypts the exploits and communicates with a remote server without user knowledge.5
Function
- Silent mobile device rooting
- Unlocks all system files and functions
- Installs itself without any user interaction
Data collected
- IMEI number
- Phone model
- Android OS version
- Network operator
- Network type
- Information stored in the Phone & SD Card memory6
See also
See also
References
References
- "DroidkungFu Malware targets china". Archived from the original on 2013-03-30. Retrieved 2011-07-23.
- "Researcher who involved in finding DroidKungFu Malware". 5 June 2011. Retrieved 2011-06-20.
- "Droidkungfu malware targets android users in China". 7 June 2011. Archived from the original on 2016-03-17. Retrieved 2011-07-06.
- "DroidKungFu - Complete overview". Archived from the original on 2011-07-04. Retrieved 2011-07-06.
- "Android malware discovery(DroidKungFu)". Archived from the original on 2012-04-12. Retrieved 2011-07-06.
- "Droidkungfu malware function detailed". Retrieved 2011-07-06.