Patch Against the 'DroidDream' Virus Available - Affects All Pre-Gingerbread Devices

[xaueious]

Rodderik at XDA developers has responded to the latest news of the malware viruses on Android with a quick at a forum post here following the investigation by Justin Case of AndroidPolice, which creates a dummy file at /system/bin/profile.

These apps were released to the Android market with the intent to root your device, steal your data, and open a backdoor. This applies not only to phones, but to all Android devices.

Even though many of the apps have been pulled from the Android Market, there are still dangerous copies circulating the internet.

AndroidPolice has been reporting about this dangerous virus in their article:

Now, on to some more details of the virus. We should point out that this vulnerability was patched with Gingerbread, meaning any device running Android 2.3+ should be fine. In other words, if you’re looking to play the blame game (which I’m not, but having read all the comments on the original post, many people are), then there’s plenty to go around. The hole was fixed by Google, but it’s relatively useless since many phones aren’t yet running a version of Android that is protected. It’s noteworthy that some manufacturers released updates that patched the exploit for devices without updating to Gingerbread; unfortunately, it appears that minority is quite a small one.

A list of offending apps can be found at the original AndroidPolice article, and also via Lookout security's blog.

We'll follow this report as more news arises.

 

[l_n]

/me makes plans to do an incremental release tonight with this fix.

Sent from my DROIDX using Tapatalk

 

[OffWorld]

@xaueious,

So for those of us stuck on pre-Gingerbread roms we just need to use ADB to apply the exploit fix you posted to the xda-dev site:

adb remount
adb shell touch /system/bin/profile
adb shell chmod 644 /system/bin/profile

And then we're good to go?

 

[OffWorld]

I had to use this because the Linux command "touch" wasn't recognized on my tablet:

adb remount rw
adb shell > /system/bin/profile
adb shell chmod 644 /system/bin/profile

That should accomplish the same thing right? My Linux command skills are a little rusty.

 

[l_n]

actually, i think that redirect will put all output of 'adb shell' in /system/bin/profile on your pc if the '>' isn't escaped. just use touch(1) to create the file like suggested.

 

[OffWorld]

Ok, well the way I actually did it was:

adb shell
# > /system/bin/profile

Which DID create a zero size file named "profile." After I posted previously I realized I hadn't done "adb shell > /system/bin/profile" for exactly the fear you stated of putting a bunch of unintended output into the file, but I can't edit any replies I make to posts that are featured/news items.

As I said, "touch" does not work on my tablet. It is apparently not installed.

 

[l_n]

adb shell ln -s /system/bin/busybox /system/bin/touch

that should fix that.

 

[OffWorld]

Yep, that fixed it. I always forget about busybox - too accustomed to desktop Linux I guess.