Just when we thought Stagefright was the boss among malwares on the Android platform, another new trend raises it’s ugly head to compound the many woes Android users are facing. Funny enough, this new trend is something most of us come across, but ignore all the time. This article from Arstechnica has thankfully brought this to light.
You see, there are even more vulnerabilities on Android, far more than we thought or expected. In research by a group of scientists, they discovered that some exploits—which developers legitimately use to build Android rooting apps — can be easily reverse-engineered and fused into malware apps that bypass Android security systems (or Antivirus apps) undetected.
In simpler terms, apps like Root Genius, 360 Root, IRoot, and King Root etc, we all use to root our phones. The exploits they use can be reversed and fused into any other apps, which can cause damage to you phone, undetected. The scientists behind this were able to reverse-engineer a total of 167 exploits in less than month of research.
These scientists combined these exploits in one app to see what would happen, and funny enough no antivirus app was able to detect any of them. The one that did, found only 13 of the 167. Crazy right ?! This goes to tell us how useless antivirus apps are on Android. One of the researchers wrote:
“It is disappointing to see that no packed exploit is detected by any antivirus software,”
We can now see that rooting your device acts as a double-edged sword. You don’t root, you have Stagefright to contend with. You decide to root, and there’s a whole world of malware waiting for you.