Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. Researchers at NC State in the US have developed a prototype rootkit that attacks the Android framework and could be used to steal personal information.
What is clickjacking? It is a technique that tricks users and is often used to take over computers,or snag confidential info that is revealed by users who thinks they are on a legitimate webpage.
Like most Android malware, the rootkit can be distributed as a malicious app, opening up a host of potential vulnerabilities on any device on which it is installed.
The rootkit could be bundled with an app and is said to be undetectable by anti-virus. and would allow an attacker to replace a smartphone's browser with a version that captures key strokes to log bank card data and uploads them to a hacker-controlled server
In a demonstration video, the rootkit is shown manipulating the apps on a smartphone. Such a program could be used by cybercriminals to replace an app with a malicious data stealing version that appears legitimate to the user.