Less than a week ago Google has removed more than two dozen applications from the Google Android Market because they were infected with the malware “DroidDreamLight”. The Android malware alarm goes off once again today and it’s North Carolina State University that triggers it.
According to their blog, the malware is called “DroidKungFu” and is currently undetected by mobile anti-virus software solutions. The malware installs a “backdoor that gives hackers full control of your phone”. This way all the user data is exposed and, even more, “they can turn your phone into a bot and basically make your smartphone do anything they want”.
It appears that Android 2.2 Froyo and earlier versions of the platform are affected by the at least two known DroidKungFu infected applications which are spread on Chinese forums and third party software markets. Gingerbread apparently patched those vulnerabilities but DroidKungFu is still able to collect some information and sent it off to a remote server.