As this is the first time such malware has been identified, it is not surprising when our experiments show that it can successfully evade the detection of all tested (leading) mobile anti-virus software," he writes.
Once the GingerMaster malware is installed and has root privileges, it then reaches out to a remote command-and-control server and asks for instructions. It then has the ability to download and install apps on its own, without the user's permission, Jiang found. GingerMaster is an evolution of the existing DroidKungFu malware, which had some of the same functionality. Earlier this week, Jiang's team also found other variants of DroidKungFu in several dozen infected apps in alternate Android app stores. That version included a couple of root exploits as well, but for earlier versions of Android.
As far as we can tell, no “official” applications being offered through Android Market have been affected by GingerMaster, but it’s best to err on the side of caution when it comes to these things. Recognize that your Android smartphone is very much a computer and, as such, is just as vulnerable to attacks as your home PC. The researchers recommend that users take several steps to protect themselves. The first one is to run a mobile antivirus product. There are several free solutions available from vendors like Lookout, AVG, BitDefender or Symantec.Then, users should only download apps from trusted marketplaces, like the official Android Market. Unfortunately, there is no assurances that malware won't slip through the cracks and appear on these services from time to time, but the chances are lower than in other places.Finally, users should make a habit from reading and understanding the permissions requested by apps on installation. Trojanized apps will usually require permissions that legit versions wouldn't need.