New DroidKungFu Variant -- DroidKungFuSapp -- Emerges!

By Xuxian Jiang, Associate Professor, Department of Computer Science, NC State University

My research team, in collaboration with NQ Mobile, recently discovered a new DroidKungFu variant: DroidKungFuSapp. This variant piggybacks on the legitimate apps and injects various malicious payloads into these apps. From our current analysis, this malware has two main differences from previous DroidKungFu variants.

As of this writing, these changes seem effective -- our experiments with four popular mobile anti-virus software show that they fail to detect it.

A detailed technical analysis and possible mitigation can be found here.

Last modified: November 21st, 2011