DroidDream android malware analysis

Published: 2011-03-05
Last Updated: 2011-03-05 16:49:43 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
4 comment(s)

We talked recently about rogue apps inside the Android Marketplace. About this malware, there is an excellent analysis posted by Jon Larimer. More information at http://blogs.iss.net/archive/Examining%20the%20recent.html 

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

Keywords:
4 comment(s)

Comments

@Google while reading about CVE-2009-1185, "exploid2.c" from 2010 and CVE-2010-EASY (<off>"easy", heyhey</off>): how-dee-wow, wake up, we are in 2011.

@Google also: I want "root" access to my soon coming android. Please please please implement "su" (and fix the rest).
Forgot: indeed "excellent" analysis.
I read somewhere else about a vulnerability that was fixed in Android 2.2.2. I have the original Droid first sold in Nov. 2009 and its latest official firmware is 2.2.1. Are we getting to the point where people have to buy new devices just to fix security problems?

It would be like vendors deciding to not fix security problems in older products because they came out with new ones, but 'older' in this case is barely one year. People aren't going to replace working devices; instead they will just become a platform that can be compromised to attack other systems.
Even if not supported you can update your old phone yourself like I did on my old HTC Magic (Sapphire). Go to xda-developers and find a nice ROM. Its a lot reading at first, but quite easy once you know how it works.

Diary Archives