DroidKungFu

DroidKungFu is a malware that affects Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.

History

DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang. The two discovered this malware while working at North Carolina State University. It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu malware can collect some user data through backdoor hacking.

Process of DroidKungFu malware

DroidkungFu encrypts two different root exploits: a udev exploit and a "RageAgainsTheCage" exploit, to break android security. Once executed, it decrypts the exploits and communicates with a remote server without user knowledge.

Function

• Silent mobile device rooting
• Unlocks all system files and functions
• Installs itself without any user interaction

Data collected

• IMEI number
• Phone model
• Android OS version
• Network operator
• Network type
• Information stored in the Phone & SD Card memory

See also

• Botnet
• Command and control (malware)
• Denial-of-service attack
• File binder
• Shedun
• Trojan horse
• Zombie (computer science)
• Zeus (malware)

References