Android click jack malware
Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. Researchers at NC State in the US have developed a prototype rootkit that attacks the Android framework and could be used to steal personal information.
What is clickjacking? It is a technique that tricks users and is often used to take over computers,or snag confidential info that is revealed by users who thinks they are on a legitimate webpage.
Like most Android malware, the rootkit can be distributed as a malicious app, opening up a host of potential vulnerabilities on any device on which it is installed.
The rootkit could be bundled with an app and is said to be undetectable by anti-virus. and would allow an attacker to replace a smartphone's browser with a version that captures key strokes to log bank card data and uploads them to a hacker-controlled server
In a demonstration video, the rootkit is shown manipulating the apps on a smartphone. Such a program could be used by cybercriminals to replace an app with a malicious data stealing version that appears legitimate to the user.
http://www.youtube.com/watch?v=RxpMPrqnxC0&feature=player_embedded