A recently observed piece of mobile malware that leverages multiple rooting exploits targets nearly 90 percent of Android devices, Trend Micro researchers say. Dubbed
„Godless“ by the security firm, the new malware family can target devices running Android 5.1 (Lollipop) or earlier, and has already affected over 850,000 devices worldwide through malicious applications that can be found in prominent app stores, including Google Play, Veo Zhang, Mobile Threats Analyst, Trend Micro, explains. Godless looks like an exploit kit, mainly because it employs an open-source rooting framework called android-rooting-tools. Courtesy of numerous exploits in its arsenal, the framework can root various Android-based devices. According to Zhang, two of the best known vulnerabilities that this kit targets are CVE-2015-3636 (used by the PingPongRoot exploit) and CVE-2014-3153 (used by the Towelroot exploit), while the rest are relatively unknown.