The malware could replace the legitimate browser with a malicious one

Jul 3, 2012 12:42 GMT  ·  By

Researchers from North Carolina State University have developed a proof-of-concept prototype rootkit to demonstrate the existence of a security hole in Android Ice Cream Sandwich (4.0.4) and previous variants of the operating system.

Xuxian Jiang and his team have found that a “clickjacking rootkit” can be used to attack Android’s framework, unlike other similar pieces of malware that target the kernel.

For instance, the rootkit, which at the moment is not detected by any mobile security solutions, can be used to replace the phone’s legitimate browser with a malicious one that’s designed to steal all the information the victim enters.

“This would be a more sophisticated type of attack than we’ve seen before,” Jiang explained.

“But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these.”