Security experts are warning Android users about a potential new malware strain that they say has already infected more than 1,600 smartphones. DKFBootKit piggybacks onto legitimate apps that require root privilege, such as those that manage other installed apps, or those that unlock games or paid apps. The screen shot at the right shows a DKFBootKit-infected sample.
NQ Mobile Security Research Center, which discovered the virus along with researchers at North Carolina State University, says the malware replaces a number of utility programs once it takes hold. It is a variant of an earlier Android virus known as DroidKungFu, but the researchers say it is much “stealthier” in the way it tricks users into granting root privilege. The security firm published this advice for Android users:
1) Only download applications from trusted sources, reputable application stores, and markets, and be sure to check reviews, ratings and developer information before downloading.
2) Never accept application requests from unknown sources. Closely monitor permissions requested by any application; an application should not request permission to do more than what it offers in its official list of features.
3) Be alert for unusual behavior on the part of mobile phones and be sure to download a trusted security application that can scan the applications being downloaded onto your mobile device. NQ Mobile Security users are already fully protected from the “DKFBootKit” threat.
NQ Mobile Security’s Chris Stier spoke at last week’s RCA Spring Expo on the current security environment in the wireless industry. His full presentation is available on RCR-TV.