DroidKungFu Malware Targets Android Users In China

A new malware campaign designed to victimize Android users has been discovered by two US based researchers, and according to them this new malware is capable of manoeuvring around traditional anti-virus utilities.

The researchers, named Yajin Zhou and Xuxian Jiang from the North Carolina State University found at least a few applications infected by the DroidKungFu malware in their research. They also revealed that a minimum of eight third-party app stores and forums in China were offering infected apps for download.

According to the university's official blog, the DroidKungFu malware primarily targets the Android 2.2 platform, and exploits two vulnerabilities to place a back-door in the infected devices, which then allows the hackers to take complete control of the devices.

"Previously identified malware, such as DroidDream, has also taken advantage of these two vulnerabilities. But Jiang and Zhou think DroidKungFu is different because, based on the early results of their research, it does a better job of avoiding detection by security software," the blog said.

According to the researchers, later versions of Android have fixes for these vulnerabilities, yet “they aren't entirely secure” as the malware can still collect some user data through the back door.