updated 07:40 pm EST, Fri February 10, 2012
Android malware, RootSmart, infecting phones
A new piece of Android malware is afflicting thousands of users. North Carolina State University professor Xuxian Jiang, who documented the nature and behavior of RootSmart last week, believes that between 10,000 to 30,000 user devices are connecting to a botnet without their knowledge everyday. Most of the affected users thus far are located in China and have installed the GingerBreak root access tool for Android 2.3 (Gingerbread).
Affected users have typically visited an unofficial Android app store and downloaded what might appear to be a legitimate app. Unbeknownst to the user, the RootSmart exploit will also be grafted into the app and detect the GingerBreak tool. It will also appear as a second settings icon. The malware then functions as part of a wider botnet and will force a users phone into sending premium messages and phone services generating a healthy income stream for the scammer, while emptying the pocket of infected users.
As with most Android malware, the steps to avoid it include visiting only known and trusted official Android markets when downloading apps (although these have also been purveyed malicious apps at various times). Checking reviews and rating is also advised as is reviewing an apps permissions and observing and acting on any unusual behavior exhibited by a phone. Prof. Jiang also recommends that users install antivirus software on their Android phones and keep it updated against the latest threats. [via The Verge]