Jump to content

DroidKungFu

From Wikipedia, the free encyclopedia

DroidKungFu is a malware that affects Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.[1]

History

[edit]

DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang. The two discovered this malware while working at North Carolina State University.[2] It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu malware can collect some user data through backdoor hacking.[3]

Process of DroidKungFu malware

[edit]

DroidkungFu encrypts two different root exploits: a udev exploit and a "RageAgainsTheCage" exploit, to break android security.[4] Once executed, it decrypts the exploits and communicates with a remote server without user knowledge.[5]

Function

[edit]
  • Silent mobile device rooting
  • Unlocks all system files and functions
  • Installs itself without any user interaction

Data collected

[edit]
  • IMEI number
  • Phone model
  • Android OS version
  • Network operator
  • Network type
  • Information stored in the Phone & SD Card memory[6]

See also

[edit]

References

[edit]
  1. ^ "DroidkungFu Malware targets china". Archived from the original on 2013-03-30. Retrieved 2011-07-23.
  2. ^ "Researcher who involved in finding DroidKungFu Malware". 5 June 2011. Retrieved 2011-06-20.
  3. ^ "Droidkungfu malware targets android users in China". 7 June 2011. Retrieved 2011-07-06.
  4. ^ "DroidKungFu - Complete overview". Retrieved 2011-07-06.
  5. ^ "Android malware discovery(DroidKungFu)". Archived from the original on 2012-04-12. Retrieved 2011-07-06.
  6. ^ "Droidkungfu malware function detailed". Retrieved 2011-07-06.