Rootnik Android Trojan Uses a Root Tool to Steal Sensitive Information
Feb 11, 2026 7:00 PM

Using a root tool to gain system access, a new trojan is stealing information from Android devices, affecting users in the United States, Taiwan, Malaysia, Thailand, and Lebanon.

Android 4.3 and older devices are vulnerable to Rootnik trojan:

Rootnik is a new Android trojan that uses at least five exploits stolen from the Root Assistant utility to gain root access on Android devices, researchers have revealed. Root Assistant is a commercial, customized utility developed by a Chinese company to help users root their Android devices. Researchers report having observed over 600 samples of Rootnik in the wild. The malware spreads by being embedded in copies of legitimate applications, including:

- WiFi Analyzer
- Open Camera
- Infinite Loop
- HD Camera
- Windows Solitaire
- ZUI Locker
- Free Internet Austria

How Rootnik trojan works...

"Rootnik distributes itself by repackaging and injecting malicious code into legitimate Android apps," explain Palo Alto Networks researchers. After being installed on an Android device, the trojan gains root access using the exploits stolen from Root Assistant. After achieving root access, Rootnik writes four APK files to the system partition and reboots the compromised device.

These files are named AndroidSettings.apk, BluetoothProviders.apk, WifiProviders.apk, and VirusSecurityHunter.apk. AndroidSettings helps the trojan promote other apps (increasing revenues), while BluetoothProviders and WiFiProviders act as remote control components, installing and uninstalling apps and downloading and executing new code from remote servers. VirusSecurityHunter is reported to steal WiFi information and the device owner's location, along with other similar sensitive data.
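
As an added example (not code from the researchers or from this article), the following Python sketch flags system-partition packages whose APK file name matches one of the four names above, given the text output of `adb shell pm list packages -f`. The sample output and its package names are constructed placeholders, not real indicators.

```python
import posixpath

# File names reported in the article, compared case-insensitively because the
# article spells one of them both "WifiProviders" and "WiFiProviders".
ROOTNIK_APKS = {
    "androidsettings.apk",
    "bluetoothproviders.apk",
    "wifiproviders.apk",
    "virussecurityhunter.apk",
}


def parse_pm_line(line):
    """Parse one 'package:<apk path>=<package name>' line; None if malformed."""
    line = line.strip()
    if not line.startswith("package:"):
        return None
    # Paths on newer Android releases can contain '=', so split on the last one.
    path, sep, package = line[len("package:"):].rpartition("=")
    if not sep or not path or not package:
        return None
    return path, package


def find_rootnik_apks(pm_output):
    """Return sorted (path, package) pairs for /system APKs with a matching name."""
    hits = []
    for line in pm_output.splitlines():
        parsed = parse_pm_line(line)
        if parsed is None:
            continue
        path, package = parsed
        on_system = path.startswith("/system/")
        if on_system and posixpath.basename(path).lower() in ROOTNIK_APKS:
            hits.append((path, package))
    return sorted(hits)


# Constructed sample output; package names are placeholders, not real indicators.
SAMPLE = """\
package:/system/app/Settings.apk=com.android.settings
package:/system/app/WifiProviders.apk=com.example.placeholder.wifi
package:/system/app/VirusSecurityHunter.apk=com.example.placeholder.hunter
package:/data/app/WifiProviders.apk=com.example.userapp
package:/data/app/~~Zm9v==/com.example.cam-YmFy==/base.apk=com.example.cam
"""

if __name__ == "__main__":
    for path, package in find_rootnik_apks(SAMPLE):
        print(f"suspicious system APK: {path} ({package})")
```

A file-name match is only a triage lead: confirm it by pulling the APK and comparing it against the researchers' published sample data before treating the device as compromised.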

According to researchers, Rootnik only attempts to gain root privileges on devices located in certain countries and doesn't attempt to gain root access if the location of the device is determined to be in China. All Android 4.3 and older devices are vulnerable to this exploit, except of course those in China. To keep your devices safe from these attacks, keep them updated with the latest security firmware updates and avoid installing applications from unknown sources.
