Watch Out! New Android Rooting Malware LeNa Found


The recent update of a known malicious software calledLeNa(Legacy Native) no longer needs user interaction in order to take over the phone of its victim. The malware uses theGingerBreak exploitto gain root permissions on a device, rather than relying on already rooted by the user phones.


This new capabilities of LeNa were unveiled by Lookout, a company that protects users against malware. After rooting the device LeNa conducts various harmful activity like installing additional software and pushing URLs in the browser, specifically "com.the9.gamechannel," which is a Chinese-language alternative market that publishes Android games.


The very way that LeNa enters the Android phone is through the alternative Android markets, as Google Play (former Android Market) is monitored by Google and it is unlikely to transmit an app disguising the LeNa. On its part LeNa was spotted masquerading as a legitimate app, and even as a fully functional copy of the recently released Angry Birds Space game.


LeNa attacks hit users of devices not patched against this treat with Android versions prior to 2.3.4 that do not otherwise have a back-ported patch. The best strategy for preventing a LeNa attack is to download apps from reputable app stores and consider using services or apps that scan apps for malicious activity.


There are numerous Android malware reports, such as thoseby Kasperskyor Symantec.


Users should also check the permissions an app requests to make sure they match with the functionality of the app. Monitoring unusual behaviors on devices, such as strange charges on the bill, unusual SMS or network activity and applications that launch when the device is locked may review that a device has been infected.


[Source: ]


Categories: Cell Phones & PDAs


Posted RobertJ April 11, 2012