A new malware threat has surfaced in the Android community. NQMobile discovered it in pirated versions of popular applications that require root access. DKFBootKit, an evolved form of earlier DroidKungFu variants, is a nasty little bugger that uses known techniques to embed malicious payloads into legitimate apps.
The malware intentionally targets apps that require root access, like ROM Manager, ES File Manager and other popular game unlockers and licence keys for premium paid applications.
By taking advantage of the root privilege, DKFBootKit adds itself as a part of the boot sequence of the original Android system and replaces a number of utility programs (e.g., ifconfig and mount). By doing so, the malware can get started even before the entire Android framework is bootstrapped.
What does this mean? It means you had better be careful what you download. Odds are, if you are trying to steal software, it will probably come back to bite you in the rear — and you deserve every bit of it. Android developers work very hard to produce the awesome work that can be purchased for relatively low prices. Show your support for their work by dropping a couple bucks, or reap what you sow.
To protect your device against malware, I suggest using Lookout Security and Anti Virus; however, you should still steer clear of downloading pirated apps, as the negatives clearly outweigh the positives. For more information on DKFBootKit, head over to NQMobile’s article about its discovery.
And for God’s sake, people… download responsibly.