Heads up Android users, it appears that yet another Android malware has been spotted and this one is apparently has the ability to gain root access on your device through a known exploit.
Discovered by the same team who discovered the DroidKungFu malware, Assistant Professor Xuxian Jiang from the NCSU (North Carolina State University) Department of Computer Science, along with his team has dubbed the exploit GingerMaster, and is apparently the first malware to use the root exploit for Android 2.3.
As with most Android malware, it comes attached (or disguised) with a legit Android app, which means that if you’re regularly downloading apps from third party, non-trustworthy websites, you could very well be opening yourself up to infection. This isn’t to say that the Android Market is 100% malware proof, but given that Android Market has more users, chances of users spotting and alerting future downloaders is higher.
Basically the malware acts like a middleman for other future malware, and this is accomplished by sending out information about your device such as IMEI, IMSI, phone number, etc to a remote server while waiting for commands from attackers. It has also been repackaged with a “.png” file extension (an image format) to make itself look less suspicious.
Users still stuck on the first edition of Gingerbread (2.3) as opposed to the more recent versions (2.3.5), along with Froyo 2.2 users and below will be susceptible to the malware.