More than a million Android mobile devices worldwide are now infected with a crafty bootkit trojan known as Android.Oldboot.1.origin – a number that has more than tripled since Russian anti-virus company Dr. Web posted about the malware on Jan. 24.
As of the morning of Jan. 31, Moscow time, botnet activity has been recorded on 1,089,158 devices, Pavel Shalin, a malware analyst with Dr. Web, told SCMagazine.com on Friday. He said that the majority of the infections are located in China.
“A lot of new infected units connect to the botnet daily, and about 240,000 have connected during the last 24 hours,” Shalin said,
Android.Oldboot works as a backdoor and can execute various commands from a remote command-and-control server, such as downloading installing or removing certain applications, Shalin said, adding Dr. Web continues to analyze the malware.