Quote:
Originally Posted by masetas
I ran my antivirus and Exploit.Android.Lotoor.C came up twice as a virus so i wanted to know what is that. This may have already been asked if it did then mods my bad.
|
Not to take credit for this answer but here is a thread that asked and answered this question already...
Exploit.Android.Lotoor.C Shoujld I be concerned? - xda-developers
Summary
Yes, it's a technically an exploit, however this is how you break the Android OS in order to gain root access, so it's considered safe if you got the exploit from a reputable source. I'd be more concerned if you didn't have root software on you computer and got this message. It's harmless in Windows, and I don't understand the IP part of the second from last paragraph unless their sample came from a bad website...
check on microsoft.com
Technical Information (Analysis)
Exploit:Unix/Lotoor is a detection for specially-crafted Android programs that attempt to exploit vulnerabilities in the Android operating system to gain root privilege.
Installation
Exploit:Unix/Lotoor is dropped and installed by TrojanSpy:AndroidOS/DroidDream.A. Once installed, the exploit is present as the following names:
rageagainstthecage
exploid
Payload
Allows root access
When run, Exploit:Unix/Lotoor allow a remote attacker to gain administrator privilege to the device running Android operation system.
Connects to a remote website
Exploit:Unix/Lotoor decrypts the name of a remote server provided by TrojanSpy:AndroidOS/DroidDream.A such as "184.105.245.17". The server address is used to send user identifiable data from the affected mobile device.
Additional Information
For more information about TrojanSpy:AndroidOS/DroidDream.A, see the description elsewhere in the encyclopedia.