A 9 year old Linux vulnerability is now being used to exploit Android phones.
Last October the vulnerability was found. It was not a new vulnerability. It’s actually been sitting in the Linux kernel awaiting discovery for 9 years. The vulnerability is called Dirty Cow and at the time it was found it was already being used n attacks on Linux servers.
Dirty Cow is simply a privilege escalation flaw, however it’s located in a part of the kernel that is easily accessible and simple to actively exploit. Upon it’s discovery, the rooting crowd began utilizing the vulnerability to root their phones. Now, it’s being used by malicious actors to attack users.
So far more than 1,200 malicious apps have been discovered in third party app stores that are using this vulnerability. Most of these attacks have been taking place in China and India, although the various attacks have been recorded in 40 countries. The vulnerability is being used to provide an entry to further attacks. None of the malware has been found within the Google Play Store.
Google patched the vulnerability in it’s December security patch so all BlackBerry Android users who are up to date with their security patches have nothing to fear from malware utilizing this exploit.
source: Ars Technica