The rootkit can gain access to Android devices, either through using unpatched vulnerabilities, or by pretending to be a legitimate app. Two other researchers recently showed that it's possible to spread infected apps to thousands of devices. Once installed, the rootkit is activated by calling the infected mobile from a specific number. It then establishes a connection to the attacker's computer, which allows the phone to be controlled remotely. As the researchers demonstrated in their talk, this gives the attacker access to the Android phone's SQLite database, allowing them to view, for example, a victim's texts or contacts.
It's also possible to remotely read the device's current GPS coordinates and to make outgoing calls without this being shown on the display. Criminals could make use of the latter by running up costs for expensive sex lines which they in turn operate. According to the researchers, current anti-virus software for Android does not (yet) detect the rootkit.
The link for this article located at H Security is no longer available.