Fake Angry Bird apps hide Android-rooting malware

A reworked version of the Legacy Native (LeNa) Android malware that lets hackers root phones remotely has been discovered lurking in fake Angry Bird games.

Mobile security firm Lookout reported discovering the reworked LeNa Android malware earlier this week, claiming the new version uses the GingerBreak exploit to gain root permissions on Android phones.

According to Lookout engineer Tim Wyatt, the malware hides by masquerading as a functional Jpeg file.

Once active, the exploit connects with a command and control server, installing launch packages without the owner's knowledge.

Lookout researchers have clarified that they are yet to see the new version on Google's official Play marketplace, instead discovering it on a number of alternative app marketplaces hiding as a fake version of Rovio's popular Angry Birds in Space game.

The new LeNa adds to a growing stockpile of malicious apps and malware targeting the Android ecosystem.

In March, another Trojan appeared pretending to be legitimate Chinese game, The Roar of the Pharaoh. The malicious app appeared on the Google Play store, stealing users' data and money by sending SMS messages to premium-rate numbers without the owner's knowledge.

The rise in Android malware comes despite Google's efforts to police its own app store through the use of its Bouncer service.

Bouncer has since come under fire for failing to protect users because it only scans apps after they have appeared on its app store, so unsuspecting users can still be caught out.