gradeless 20 hours ago

There's been a consistent pattern of both low-quality and advanced malware looking for and targeting the weakness introduced by rooting a device.

Here is a recent report of widespread advanced malware looking to see if a device is rooted - https://www.lookout.com/threat-intelligence/article/badbazaa...

Here is a report of malware using root - https://zimperium.com/blog/new-advanced-android-malware-posi...

Root does not only provide privilege escalation, it also provides attractive options for exploit persistence on a device, something which is difficult to achieve on modern Android and iOS.

yjftsjthsd-h 14 hours ago

> Here is a recent report of widespread advanced malware looking to see if a device is rooted

Okay? I do actually think that should be blocked (good root is invisible), but I'm not seeing a problem.

> Here is a report of malware using root

To quote the article:

> In addition to collecting the messages using the Accessibility Services, if root access is available, the spyware steals the WhatsApp database files by copying them from WhatsApp’s private storage.

Note that it already uses a11y features to do the same thing regardless, but also this is another case of conveniently skipping all the important details. Seriously - "if root access is available, the spyware steals" - how did it get root access? If the "vulnerability" is that the malware asks the user for root access and the user gives it, that is not a vulnerability. A system where malware needs permission to do bad things is perfectly fine.