Rootkits on Android smartphones

As our mobile phones get “smarter” and our personal and professional lives get increasingly mobile, the possibility of these devices getting compromised and the negative effects of such an occurrence are starting to worry a lot of people.

Nicholas Percoco and Christian Papathanasiou, two security researchers from Trustwave, have taken it upon themselves to investigate the possibility of creating a rootkit for Android smartphones that would allow an attacker to gain access to the device and the data inside it.

They have recently announced that they came up with a proof-of-concept kernel-level rootkit in the form of a loadable kernel module, with the help of which they will demonstrate an attack on a Android smartphone at the DefCon conference next month.

The rootkit “is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a ‘trigger number’. This ultimately results in full root access on the Android device,” they say. “The implications of this are huge; an attacker can proceed to read all SMS messages on the device/incur the owner with long-distance costs, even potentially pin-point the mobile device’s exact GPS location. Such a rootkit could be delivered over-the-air or installed alongside a rogue app.”

Share this