Android users are being advised to stay vigilant against a dangerous variant of the DroidKungFu malware currently spreading across smartphones. Despite its ludicrous name GingerMaster is a highly potent beast, infecting Android 2.3 handsets using a root exploit that gives hackers complete control of the operating system.
GingerMaster makes its way onto unsuspecting Android smartphones via a seemingly innocuous file named gbfm.png which is planted into compromised copies of legitimate Android apps. So far the malware is confined to third-party app stores, although according to the research team at NC State University it is able to avoid detection by several high profile anti-virus apps.
Both DroidKungFu and GingerMaster work by garnering root access to your Android and installing a secret background service that extracts personal information from your device including its ID number, phone number and other data. This information is then uploaded to a remote server for hackers to harvest, while the malware can also download and install apps without the owner’s knowledge or permission.