Update: Trustlook has released a solution to detect this vulnerability within 12 hours of this vulnerability is reported. During the long night, we had to patch android system, changing scheduling code, re-fresh ROM system of all production devices and of course had many beers. This is fun.
According to this report, many android applications are confirmed vulnerable:
– QQ browser HD
Here is the real exploit code that allows hacker to remotely control your device. It separates the exploit the APK file into four parts and merge them into one APK file, writing it to the sdcard on target device. Then run adb command to install the backdoor application.
The following pictures showed you the backdoor application, androrat, has been installed in the vulnerable device.
Last part is to do remote control the exploited device.
Here is the risk summary alert for application impacted by this vulnerability.