Exploit.Android.Lotoor.C - What?

[masetas]

I ran my antivirus and Exploit.Android.Lotoor.C came up twice as a virus so i wanted to know what is that. This may have already been asked if it did then mods my bad.

[testacon]

Quote:

Originally Posted by masetas

I ran my antivirus and Exploit.Android.Lotoor.C came up twice as a virus so i wanted to know what is that. This may have already been asked if it did then mods my bad.

Not to take credit for this answer but here is a thread that asked and answered this question already...

Exploit.Android.Lotoor.C Shoujld I be concerned? - xda-developers

Summary

Yes, it's a technically an exploit, however this is how you break the Android OS in order to gain root access, so it's considered safe if you got the exploit from a reputable source. I'd be more concerned if you didn't have root software on you computer and got this message. It's harmless in Windows, and I don't understand the IP part of the second from last paragraph unless their sample came from a bad website...

check on microsoft.com

Technical Information (Analysis)
Exploit:Unix/Lotoor is a detection for specially-crafted Android programs that attempt to exploit vulnerabilities in the Android operating system to gain root privilege.
Installation

Exploit:Unix/Lotoor is dropped and installed by TrojanSpy:AndroidOS/DroidDream.A. Once installed, the exploit is present as the following names:
rageagainstthecage
exploid

Payload

Allows root access
When run, Exploit:Unix/Lotoor allow a remote attacker to gain administrator privilege to the device running Android operation system.

Connects to a remote website
Exploit:Unix/Lotoor decrypts the name of a remote server provided by TrojanSpy:AndroidOS/DroidDream.A such as "184.105.245.17". The server address is used to send user identifiable data from the affected mobile device.
Additional Information

For more information about TrojanSpy:AndroidOS/DroidDream.A, see the description elsewhere in the encyclopedia.

[gTen]

Its harmless if you are rooting..BUT...

PPCGeeks.com » 26 NEW Android Malware Programs Released!!!

There is a harmful DroidDream going around as well on the market...

If you got a custom rom..you might be safe due to a fix done that patches DroidDream..but I am not 100% sure if it covers the new varient or not..it should..but not sure 100%

[testacon]

Quote:

Originally Posted by gTen

Its harmless if you are rooting..BUT...

PPCGeeks.com » 26 NEW Android Malware Programs Released!!!

There is a harmful DroidDream going around as well on the market...

If you got a custom rom..you might be safe due to a fix done that patches DroidDream..but I am not 100% sure if it covers the new varient or not..it should..but not sure 100%

I'm starting to think that Microsoft or Apple is paying to get these made to show us the "downfall" of an open OS...I'm actually surprised that WM didn't have this many problems...

[gTen]

Quote:

Originally Posted by testacon

I'm starting to think that Microsoft or Apple is paying to get these made to show us the "downfall" of an open OS...I'm actually surprised that WM didn't have this many problems...

umm...not really..how do you think we root phones? by using a virus..same way people jailbreak and etc...but there are people who attempt to use these exploits in bad ways as well..

Winmo in general is used less often...so there are less exploits for it..but they definitely exist..there just was a smaller user base for it..thus they weren't exactly heard about on the news..neither were many developed..

iphone had its share of exploits as well..

Not to mention, its fairly easy to spread via Google Market...

[eric12341]

Quote:

Originally Posted by testacon

I'm starting to think that Microsoft or Apple is paying to get these made to show us the "downfall" of an open OS...I'm actually surprised that WM didn't have this many problems...

yea, its a conspiracy