'Relatively easy to develop'
Researchers have demonstrated that it's very easy to develop a rootkit for Google’s Android OS, which can 'clickjack' users into launching malicious apps...
A research team at North Carolina State University have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier versions that 'clickjacking rootkits' could exploit.
They've demonstrated a prototype rootkit for Android that can “clickjack” users into launching malicious apps when they think they’re executing legitimate ones.
It seems that the rootkit was not too difficult to develop, and that no existing mobile security software was able to detect it.
The rootkit, developed by a team led by NC State computer science professor Xuxian Jiang, founder of the Android Malware Genome Project, can be installed without rebooting the phone or otherwise alerting the phone’s owner. Jiang had previously demonstrated the vulnerability when he and fellow researchers showed that permission “leaks” in standard application configurations from major Android handset vendors could let untrusted applications take over many of the features of the operating system.
Jiang said the rootkit is undetectable by current mobile security software. It could be delivered to a phone concealed within an infected application downloaded by a user from an app store, and take control of the phone without any further input from the user.
Once installed, the rootkit can hide apps on an Android device, and redirect launches of visible applications to “hidden” apps.
“But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these.”
Let's hope so. The team is working on the Android Malware Genome Project, so this could help Google, security software companies and developers to do something before it's too late...
Take a look at the rootkit demonstration by watching the video below!
NEWS SOURCE #1: WMS Jiang clickjack (via) NCSU
NEWS SOURCE #2: Researchers create clickjack rootkit for Android that hijacks apps (via) ArsTechnica
Our thanks to 'Gauss' for this news item!