Lookout identifies new malware threat, LeNA
Lookout has identified a new Android malware threat which actually ends up as somewhat of an evolution of an older Trojan. This new threat shares common traits with the Legacy variant known as DroidKungFu however this time it was not limited to Chinese alternative app markets or forums. Unfortunately a couple of instances were found in the U.S. Android Market, however it was promptly removed. As is the case with any of the threats that Lookout identifies, you are already protected if you’ve installed Lookout Mobile Security.
How does this Legacy Native (LeNa) work? It’s actually somewhat fascinating.
Unlike its predecessors, LeNa does not come with an exploit to root the device, rather it requests privileged access on a pre-rooted device. On un-rooted devices, it offers “helpful” instructions on how to root the phone. In some samples, LeNa is re-packaged into apps (a VPN management tool, for instance) that could conceivably require root privileges to function properly. Other samples attempt to convince the user that root access is required to update. Once the user grants LeNa with root privileges, it starts its infection process in the background, while performing the advertised application tasks in the foreground.
Lookout mentions on their blog that while monitoring LeNa’s server activities they noticed that one of the apps being pushed was a DroidDream infected app. This isn’t definitive proof of a direct correlation between DroidDream/DroidDream Light and the Legacy developers but it’s a little scary nonetheless. These guys may not be in total cahoots with each other but they’re getting smarter and trying new tactics.
If you’d like a full PDF technical breakdown of LeNa and how it works, head to Lookout’s blog.
You might also like
Don’t you just love it when we get a sneak peak at a leaked roadmap for a carrier? We sure do, and today is no different! The guys over at This Is My Next have gotten their hands on the Q3 roadmap for Sprint, and there’s two Android devices that caught our eye.
LG Mobile will be holding an exclusive event Decemeber 1st in NYC, and according to the electronic invitation: “All will be revealed.” Exactly what will be revealed may not be
Archos has announced new prices for their upcoming G9 series tablets set to arrive later this fall. The pair of Honeycomb devices look to start $20 higher than they were