A new piece of malware, known as GingerMaster, that can exploit the Android version 2.3.3 (Gingerbread) platform, providing attackers with root-level access to devices has been discovered.
While it’s not the first piece of malware found to target Android devices, this is the first exploit that directly targets Gingerbread and may not be spotted by current smartphone security software.
The malware is currently packaged as part of legitimate applications available for download on Chinese application markets. One infected application, for example, promises “beauty of the day” pictures of women, such as Lady Gaga. When GingerMaster-infected applications first launch, they collect various pieces of device information, including the phone number, SIM card number, and IMEI and IMSI numbers, then share them with a remote command-and-control server.
Fortunately for Android users, AVG’s Mobilation already detects the GingerMaster threat and has identified it as using the Gingerbreak exploit for Android.
The package, called ‘com.igamepower.appmaster’, has the following permissions which allow the phone to report information about the device and the owner.
The application will also install a service which will ensure that it will always load when the device is turned on or rebooted, ensuring that the infection is always present.
As can be seen from the below code, the information (including IMEI, IMSI, telephone number and more) is then sent out using an HTTP POST.
If you are worried that you might have been infected by the GingerMaster or any other type of malware, the first thing you should do is download an antivirus application to try and remove the infection.
AVG Mobilation Anti-Virus Free and Pro products provide protection against this threat, and Anti-Virus Free is free to download. So try it now!
However protection doesn’t stop at antivirus applications, it’s important to exercise caution when it comes to installing apps. Always ensure that you are downloading from a trusted source and that the application is the real deal. When installing new apps to your Android device, always look at the permissions an application requests to approve and make sure the list seems appropriate and genuine.