14 DAY TRIAL // Security researchers have uncovered a new trojan which is capable of obtaining root access on Android 2.3 (Gingerbread) by incorporating a known exploit.
The new piece of malware was discovered by researchers from North Carolina State University, the same researchers who discovered other Android trojans in the past, including the DroidKungFu family.
According to Assistant Professor Xuxian Jiang from the NCSU Department of Computer Science, the new threat, which his team has dubbed GingerMaster, is the first malware to use the root exploit for Android 2.3.
"As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software," he writes.
As most Android trojans, GingerMaster comes attached to repackaged legit applications. After it gains root access on devices, the trojan's primary purpose is to serve as a distribution platform for other malware.
It sends device identification information such as IMEI, IMSI, phone number and other data to a remote server and waits for commands from attackers.
The number of Android threats has spiked this year. According to recent reports, it's two and a half more likely to encounter Android malware now than it was six months ago.
The researchers recommend that users take several steps to protect themselves. The first one is to run a mobile antivirus product. There are several free solutions available from vendors like Lookout, AVG, BitDefender or Symantec.
Then, users should only download apps from trusted marketplaces, like the official Android Market. Unfortunately, there is no assurances that malware won't slip through the cracks and appear on these services from time to time, but the chances are lower than in other places.
Finally, users should make a habit from reading and understanding the permissions requested by apps on installation. Trojanized apps will usually require permissions that legit versions wouldn't need.