The DKFBootKit Malware Attacks Android Users Through Pirated AndroidOS Apps
Already, the Android operating system found on many popular smartphones has grown into a dominating platform alongside the iPhone and iOS. Although the debate continues to flourish as to which one is 'better', one thing remains constant, and that is the attack of new malware threats such as a recently discovered DKFBootKit.
The DKFBootKit threat was uncovered by security researchers of NQ Mobile. The DKFBootKit was determined to be the first Android bootkit. Such a threat will tag itself to applications where root privileges may be granted. What does this mean? A threat such as DKFBootKit could potentially allow malicious actions available to attackers through specific applications running on Android. Basically, a smartphone could be compromised in such a way as to give remote attackers the ability to pilfer stored data.
In our current society, where almost every means of communication and data transfer is done over the Internet, aside from picking up a landline phone, we face an epidemic of hackers finding new ways to attack end-users. The recent DKFBootKit acts as a virtual rootkit threat that loads onto an Android device giving unwanted users root access to the device.
With a rootkit, remote servers or Command & Control servers, can send out malicious commands or new instructions to Android devices infected with DKFBootKit. In the end, an Android device could transmit sensitive data putting it in the hands of a cybercrook.
You may be asking how the DKFBootKit ends up on an Android device. It is actually rather simple. All the user has to do is download an Android app already infected with malware. Once the app executes, it could then load the DKFBootKit giving the malware root access to the device. Many of the targeted apps are popular ones, free and paid-for apps.
With the emergence of what is thought to be the very first rootkit-type infection for the Android operating system, we could be witnessing first-hand a new wave of malware attacking smartphone devices primarily running Android. What Android users can do to avoid this happening to them, is to simply evade questionable app download sources. It would be best to only download apps from trusted sources to limit the likelihood of downloading malware.