New Android malware can remotely control phone

Latest Android threat can enable hackers to remotely and stealthily install unapproved software on users' machines

Security researchers have uncovered new malware targeting the Android operating system, which can enable hackers to take remote control of users' devices and install unapproved software on their phones without their consent.

According to Tim Wyatt, principal engineer at mobile security specialist Lookout, the new malware is a variant of the previously known Legacy Native, or LeNa.

Wyatt explained that LeNa only affects a small number of users.

"LeNa originally masqueraded as a legitimate application and attempted to trick a user into activating its malicious payload by invoking the SU utility, which is used by 'rooted' users to selectively grant superuser privileges to applications that request them."

He added that this requirement meant that only technically adept users were at risk of this infection.

However, the new variant uses an exploit known as "Gingerbreak", which enables root access on devices running the Gingerbread and Honeycomb versions of the Android operating system, and so does not depend on user interaction at all.

The good news for Android users is that it has yet to appear on the Android market, unlike previous malware infections such as DroidDream, but Wyatt stated on his blog that it is on some alternative markets.

Wyatt concluded with some advice for Android users to stay safe.

• Be alert for unusual behaviours on your phone such as strange charges to your phone bill, unusual SMS or network activity, or application activities that launch when your device is locked.
• Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features it provides.
• Only download apps from trusted sources, such as reputable app stores and download sites.
• Download a mobile security app for your phone that scans every app you download to ensure it's safe.