Malware, Trojans, and spyware are quite common in the mobile world, especially when we speak about the Android mobile operating system. While we have been listening to stories related to Android malware throughout this as well as last year, the latest news is the discovery of a devilish rootkit that uses the technique of clickjacking, and hijacks the Android user’s data in a sophisticated way.
Yes, the “sophisticated” way. The loophole was detected by a research team led by Xuxian Jiang at North Carolina State University.
According to the team, they could redirect a fandroid’s touchscreen taps –a technique known as clickjacking–to inject a rootkit that can evade detection and maliciously alter the operation of the device. The team also developed a “proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel”.
The clickjacking is present in Android 4.0.4 (Ice Cream Sandwich) and previous versions of the operating system. The entire installation and data hijacking process in such sophisticated way that it is difficult for the user to have a hint about it. It seems as if the user is giving permission for any other smartphone command.
“This would be a more sophisticated type of attack than we’ve seen before, specifically tailored to smartphone platforms,” Xuxian explained. “The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these.”
Android and virus attacks are quite common, and this is justified by a report released by Juniper earlier this year. According to Juniper’s 2011 Mobile Threat Report, mobile malware increased by 155 percent in 2011 across all platforms compared to the previous year, and Android is the favorite one. To help mobile users safeguard themselves from these attacks, Juniper also launched a video on how to mobile protection.