Lookout identifies new malware threat, LeNA
Lookout has identified a new Android malware threat which actually ends up as somewhat of an evolution of an older Trojan. This new threat shares common traits with the Legacy variant known as DroidKungFu however this time it was not limited to Chinese alternative app markets or forums. Unfortunately a couple of instances were found in the U.S. Android Market, however it was promptly removed. As is the case with any of the threats that Lookout identifies, you are already protected if you’ve installed Lookout Mobile Security.
How does this Legacy Native (LeNa) work? It’s actually somewhat fascinating.
Unlike its predecessors, LeNa does not come with an exploit to root the device, rather it requests privileged access on a pre-rooted device. On un-rooted devices, it offers “helpful” instructions on how to root the phone. In some samples, LeNa is re-packaged into apps (a VPN management tool, for instance) that could conceivably require root privileges to function properly. Other samples attempt to convince the user that root access is required to update. Once the user grants LeNa with root privileges, it starts its infection process in the background, while performing the advertised application tasks in the foreground.
Lookout mentions on their blog that while monitoring LeNa’s server activities they noticed that one of the apps being pushed was a DroidDream infected app. This isn’t definitive proof of a direct correlation between DroidDream/DroidDream Light and the Legacy developers but it’s a little scary nonetheless. These guys may not be in total cahoots with each other but they’re getting smarter and trying new tactics.
If you’d like a full PDF technical breakdown of LeNa and how it works, head to Lookout’s blog.
You might also like
Sony Ericsson is back today with the second in a planned series 5 planned videos to help hype their upcoming S1 and S2 tablets. Like its predecessor(s), the clip is
We’ve got a handful of Android handset rumors to pass along that come to us courtesy of a TmoNews tipster.Â The carrier shows no signs of letting up in terms
Mozilla has posted on their blog that Firefox 4 for Android is being updated. They claim that they’ve increased performance, along with usability. Mozilla has said that due to the