DroidKungFu

DroidKungFu is a malware that affects Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.^[1]

History

DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang. The two discovered this malware while working at North Carolina State University.^[2] It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu malware can collect some user data through backdoor hacking.^[3]

Process of DroidKungFu malware

DroidkungFu encrypts two different root exploits: a udev exploit and a "RageAgainsTheCage" exploit, to break android security.^[4] Once executed, it decrypts the exploits and communicates with a remote server without user knowledge.^[5]

Function

• Silent mobile device rooting
• Unlocks all system files and functions
• Installs itself without any user interaction

Data collected

• IMEI number
• Phone model
• Android OS version
• Network operator
• Network type
• Information stored in the Phone & SD Card memory^[6]

See also

• Botnet
• Command and control (malware)
• Denial-of-service attack
• File binder
• Shedun
• Trojan horse
• Zombie (computer science)
• Zeus (malware)