DroidKungFu explained

DroidKungFu is a malware that affects Android OS. It primarily targets users in China. The first evidence of this malware was found in the Android Market in March 2011.^[1]

History

DroidKungFu was discovered by US-based researchers Yajin Zhou and Xuxian Jiang. The two discovered this malware while working at North Carolina State University.^[2] It targets the Android 2.2 platform and allows hackers to access and control devices. DroidKungFu malware can collect some user data through backdoor hacking.^[3]

Process of DroidKungFu malware

DroidkungFu encrypts two different root exploits: a udev exploit and a "RageAgainsTheCage" exploit, to break android security.^[4] Once executed, it decrypts the exploits and communicates with a remote server without user knowledge.^[5]

Function

• Silent mobile device rooting
• Unlocks all system files and functions
• Installs itself without any user interaction

Data collected

• IMEI number
• Phone model
• Android OS version
• Network operator
• Network type
• Information stored in the Phone & SD Card memory ^[6]

See also

• Botnet
• Command and control (malware)
• Denial-of-service attack
• File binder
• Shedun
• Trojan horse
• Zombie (computer science)
• Zeus (malware)

Notes and References

1. Web site: DroidkungFu Malware targets china . 2011-07-23 . https://web.archive.org/web/20130330152455/https://blog.lookout.com/blog/2011/06/06/security-alert-new-malware-found-in-alternative-android-markets-legacy/ . 2013-03-30 . dead .
2. Web site: Researcher who involved in finding DroidKungFu Malware. 5 June 2011. 2011-06-20.
3. Web site: Droidkungfu malware targets android users in China. 7 June 2011. 2011-07-06.
4. Web site: DroidKungFu - Complete overview. 2011-07-06.
5. Web site: Android malware discovery(DroidKungFu). 2011-07-06. 2012-04-12. https://web.archive.org/web/20120412001507/http://www.androidauthority.com/more-devious-android-malware-discovered-73730/. dead.
6. Web site: Droidkungfu malware function detailed. 2011-07-06.