Lookout Mobile Security researchers recently came across a new version of the Legacy Native (LeNa) Android malware, which doesn't require any user interaction in order to gain root access to a device.
"The malware masquerades as a legitimate app, and the latest version can appear as a fully functional copy of the recently released Angry Birds Space, among other apps," notes CNET News' Elinor Mills.
"A previous version of the Trojan, which was detected last summer, depended on the device being rooted; a minority of mostly technically adept users have done this to overcome limitations imposed by hardware manufacturers," Virus Bulletin reports. "The new variant of the malware uses the 'Gingerbreak' exploit to gain root access, which means that all unpatched devices (running versions prior to 2.3.4) are at risk."
"As in its predecessor, [the] payload communicates with a remote Command and Control server and accepts instructions to install additional packages and push URLs to be displayed in the browser," writes Lookout's Tim Wyatt.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Still, as SecurityNewsDaily's Matt Liebowitz notes, most users' risks of downloading LeNa aren't particularly high at this point. "[It] has not been found in the Google Play market (formerly the Android App Market), and has only been spotted in unauthorized, third-party Chinese-language app markets," he writes.