With the recent discovery of DroidDream trojan in almost 50 apps and infecting 50K – 200K downloads this is a serious threat. Once the infected app is launched the DroidDream will activate the command and control server and start sending your personal information like IMEI, IMSI, Device Model and SDK version. The known exploit being used by this malware is the exploid and rageagainstthecage as LookOut security explained.
When DroidDream attempts to infect a device, it uses two known exploits, exploid and rageagainstthecage, to break out of the Android security container. Both of the vulnerabilities being exploited were patched by Android 2.3 (Gingerbread). If exploid fails to root the device, the malware will attempt to use rageagainstthecage. Once the phone is rooted, DroidDream is configured to searched for a specific package named com.android.providers.downloadsmanager. If the malware does not find this package on the device, it will silently install a second malicious application without the user’s knowledge. If DroidDream does find the downloadsmanager package, it will not continue infecting the device with the second malicious application.
How to Secure Android:
LookOut is a free security tool that can detect DroidDream and other malware on Android. It can find your phone if it is lost or stolen, and back-up and restore contacts. The premium version cost around $2.99/month for more features.
Norton Mobile Security – offers 101-day free service, functions includes scanning incoming app to your phone.
Android is getting popular as Windows in PC and they are becoming the perfect target for malicious coders. Protect your Droid and your personal data.