Another week, another announcement of new mobile malware found infecting Android phones. The new bug this week is DKFBootKit, a nasty bit of work that can come packaged inside seemingly legitimate applications–much like most of the other mobile malware we’ve seen thus far. What sets DKFBootKit apart from malware like DroidDream, is that DKFBootKit replaces certain boot processes and can begin running even before the system is completely booted up.
The malware was discovered by the NQ Mobile Security Research Center in collaboration with cyber security expert Dr. Xuxian Jiang. The researchers found that, though the malware can be placed in pretty much any app, it is usually found in apps that ask for root permissions. Once it gains access to the root system, DKFBootKit will begin to wreak havoc on system stability and phone home to a remote server in order to gain further commands.
You can better your chances of not getting infected by only downloading apps from trusted sources: Don’t download pirated apps, and stay off of foreign app stores. For more advice on how to avoid getting your smartphone infected, check out my tips for a malware-free smartphone. Make smart choices, and you should remain malware free.