updated 4/4/2012 11:52:32 AM ET 2012-04-04T15:52:32

A customized variant of Android malware is now worming its way onto nonrooted devices and taking them over, and the weapon requires no interaction from the victim to begin its campaign.

Researchers at the mobile security firm Lookout  identified the reworked malware as Legacy Native (LeNa), which poses as a legitimate app to gain unauthorized privileges on Android phones.

LeNa has long plagued Android users, Lookout said, but in its reworked form, it no longer requires its target phone to be rooted, and can now activate its payload — it connects to remote servers, transmits  sensitive phone information  and drops more rigged software onto the phone — without any complicity from the end user.

The new Android malware disguises itself in fully functional copies of apps, including "Angry Birds Space," and hides its malicious payload in the string of code at the end of an otherwise genuine JPEG file, Lookout said. This rogue code exploits the GingerBreak vulnerability, a flaw that enables it to gain control of the phone and trick the victim into purchasing apps from illegitimate app stores.

The risks of downloading LeNa are not currently high; it has not been found in the Google Play market (formerly the Android App Market), and has only been spotted in unauthorized, third-party Chinese-language app markets.

Before you download any app, check the permissions it requests; if you're uncomfortable with the amount of access to your phone an app wants, don't download it. Review the app, its developer and its ratings and customer reviews. Check for unusual behaviors on your phone that may indicate its been infected, and scan your phone bill for any unauthorized texts and charges.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments