New malware threat recycles GingerBreak exploit to gain root access

There’s a new version of Legacy Native (LeNa) rearing its ugly head in the seedier Android app exchanges disguised as several popular apps. The malware utilizes the GingerBreak exploit to root a user’s device and then communicates with a remote server to download even more nasty code and push URLs to the handset’s browser. While the bad apps have yet to infect Google Play, they include popular new release Angry Birds Space. Given the full functional nature of the game, users may be blissfully unaware of any potential threat.

The latest version of LeNa affects Android devices running version 2.3.3 or lower and has so far been used primarily to push an application package for a Chinese game market. The result doesn’t seem so malicious, but the appearance of the market on a device is a sign that it has been compromised. Still, as with most malware threats, the best remedy is to practice caution when downloading new games and apps. Know their source and read over the permissions before installing an app to your device.

[via TomsGuide]

Continue reading:

  • Tati

    if it’s not in Google play, it’s not an issue for me.

    • aiden9

      ^This. If someone wants to go get themselves infected by  trying to steal an app then idgaf, its karma.

  • lynyrd65

    Solution: Stop pirating apps


  • Defenestratus

    Lesson learned – stop stealing that which you’ve not paid for.

  • shabbypenguin

    looking thru permissions i snt going to save you, if it uses a root exploit then it gets whatever permissions it whats/needs.

    why such an older exploit? they shoulda went with zergrush.. woulda hit a MUCH larger audience

  • aergern

    Yeah, and this exploit isn’t even guaranteed to work on GB with each device. 

    I’ll add my voice .. stop warezing and know WTF you are installing if you are sideloading.

  • Nick_Lopez_Loya

    My phone is already rooted, so they’re halfway there lol