Rootkit Found on Android Phones

You can’t get the new phone because it lights on fire, and now you may have to get rid of your old phone. However, most of you should be safe as this pre-installed rootkit was found on Chinese devices. So here’s what the hack allowed:

Over 3 million phones were found to have the following:

The vulnerable mechanism, which is associated with Chinese mobile firm Ragentek Group, contains a hidden binary, residing at /system/bin/debugs, that runs with root privileges and communicates over unencrypted channels with three hosts.
According to the researchers, this privileged binary not only exposes user-specific information to attackers but also acts as a rootkit, potentially allowing attackers to remotely execute arbitrary commands on affected devices as a privileged user.
According to a new report from security rating firm BitSight, the issue is due to a vulnerability in the insecure implementation of the update mechanism used by certain low-cost Android devices, including BLU Studio G from US-based Best Buy. (This is where the “most” above comes from.)
So why is this a big deal?
This could allow a remote attacker to extract personal information from an affected device, remotely wipe the whole device, and even gain access to other systems on a corporate network and steal sensitive data.
Affected devices include:
  • BLU Studio G
  • BLU Studio G Plus
  • BLU Studio 6.0 HD
  • BLU Studio X
  • BLU Studio X Plus
  • BLU Studio C HD
  • Infinix Hot X507
  • Infinix Hot 2 X510
  • Infinix Zero X506
  • Infinix Zero 2 X509
  • DOOGEE Voyager 2 DG310
  • LEAGOO Lead 5
  • LEAGOO Lead 6
  • LEAGOO Lead 3i
  • LEAGOO Lead 2S
  • LEAGOO Alfa 6
  • IKU Colorful K45i
  • Beeline Pro 2
  • XOLO Cube 5.0
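
One way to check a device for the binary described above, over adb (an added example, not code from the article or from BitSight): it tests for /system/bin/debugs and reports which user a running instance belongs to. The function names are made up for this example, and the `ps` parsing assumes the older Android layout with the user in the first column and the process name in the last.

```shell
#!/bin/sh
# Added example (not from the article): triage an adb-connected device for
# the binary the article names. Only the path below comes from the page.
DEBUGS_PATH=/system/bin/debugs

# Exit 0 if the file exists on the device. A marker is echoed because older
# adb versions do not pass the remote exit status back to the host.
has_debugs_binary() {
    out=$(adb shell "[ -e $DEBUGS_PATH ] && echo PRESENT || echo ABSENT" | tr -d '\r')
    [ "$out" = "PRESENT" ]
}

# Print the owning user of a running instance, or nothing if none is running.
# Assumption: classic Android `ps` output, USER in column 1 and NAME last.
debugs_process_user() {
    adb shell ps | tr -d '\r' |
        awk -v p="$DEBUGS_PATH" '$NF == p { print $1; exit }'
}

# Combine both checks into one verdict line; returns 1 when the binary is found.
triage_device() {
    if ! has_debugs_binary; then
        echo "CLEAN: $DEBUGS_PATH not present"
        return 0
    fi
    user=$(debugs_process_user)
    if [ "$user" = "root" ]; then
        echo "FOUND: $DEBUGS_PATH present and running as root"
    elif [ -n "$user" ]; then
        echo "FOUND: $DEBUGS_PATH present, running as $user"
    else
        echo "FOUND: $DEBUGS_PATH present, not currently running"
    fi
    return 1
}
```

Call `triage_device` with a single device attached and USB debugging enabled; a FOUND line means the device should be pulled from use until the vendor's firmware fix is applied.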

-Nick Walter (njw4227)