First ever Android Bootkit Malware ‘Oldboot.A’ which was discovered about two months ago after it had infected more than 500,000 devices running on Android operating system seems to be live and kicking again.

Android Bootkit malware that infected Millions of Android smart phones and tablets.

A report from Chinese security researchers at 36doc  states that a new Variant of ‘Oldboot.A’ has been found in action again. The 36doc has named this new variation ‘Oldboot.B. Like every updated version, this new OldBoot.B malware has ability to target  targets the operating system’s boot sector code and grants the attacker the “root” or administrator access to the infected device. 

The new Variant is untraceable by the Antivirus software because it sits in the Android memory process and has capabilities to inject malicious module into system process.  Once Oldboot.B is up and running, it executes commands to  uninstall or disable the Antivirus program to avoid detection.

Here are few of the abilities of OldBoot.B Malware: 

  • Grants the attacker the “root” or administrator access to the infected device.
  • Can inject malicious modules into system process.
  • Prevent malicious apps from uninstalling.
  • Can Modify your browser’s homepage.
  • It can uninstall or disable the Antivirus program to avoid detection.

Similar to its predecessor,  OldBoot.B establishes a communication between the Android smart phone or tablet with a remote Command and Control server. Once the communications are established it executes the commands received from the attacker’s command-and-control server.  This commands can either be to steal data, create unknown profiles as well as set up the smart phone messaging to premium SMS service linked to the attacker.

“Prevention is better than Cure” why take the risks stay safe. try not to install apps from any untrusted source and keep your Antivirus program updated for maximum protection.

LEAVE A REPLY

Please enter your comment!
Please enter your name here