Android malware hides inside versions of Angry Birds Space
Sophos Labs recently discovered a Trojan horse malware that piggybacks on versions of Angry Birds Space.

The infection, identified as Andr/KongFu-L, installs itself on a user's phone within a fully-functional version (pirated) version of Angry Birds Space.

Space hack wars

Once the Trojan is on the Android device, it gains root-level access by way of the GingerBreak Exploit which Sophos identified last summer.

This allows the hackers to install further malicious items onto the device without the owner’s knowledge and hijack the browser at will.

In essence, it turns a compromised phone into a member of a botnet leading to all manner of privacy and data usage concerns.

Thankfully, the malware has only appeared in unofficial Android app stores. The Google Play version has not been compromised.

The moral of this particular story is that downloading games from unofficial app stores carries with it a significant risk that outweighs the savings of a few dollars.

[source: Sophos Labs]
Matthew Diener 12/4/2012
© Steel Media Ltd.