GingerMaster malware exploits Android, providing attackers with root-level access to the devices.
While malware that targets Android has been found previously, this is the first exploit that directly targets Gingerbread and may not be spotted by current smartphone security software.
"As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software," said Xuxian Jiang, a computer science assistant professor at N.C. State University, in a blog post. Anecdotal evidence suggests that the malware also exploits Android version 2.2 (Froyo).
The malware is currently packaged as part of what appear to be legitimate applications available for download on Chinese application markets. One infected application, for example, promises "beauty of the day" pictures of women, such as Lady Gaga. When GingerMaster-infected applications first launch, they collect various pieces of device information, including the phone number, SIM card number, and IMEI and IMSI numbers, then share them with a remote command-and-control server.