Mobile Menace Monday: How dare that rootin’ Dirty COW

If you follow cybersecurity news, you may have heard of the latest Linux exploit referenced under CVE-2016-5195, which has been dubbed Dirty COW. The name comes from the copy-on-write (COW) mechanism in Linux, which the exploit abuses. The exploit allows an unprivileged user on a Linux system to gain increased privileges.

Why are we talking about Linux here?

As you may already know, the Android OS is based on Linux; thus, the first question on many mobile researchers’ minds when Dirty COW came to light was: does it affect Android devices? The answer is YES, as NowSecure researcher Sergi Àlvarez i Capilla shows in his blog post, The Dirty COW Droid. The post comes complete with a proof-of-concept (PoC) that gains root privileges on an Android device using the exploit.

Oh no! Does MBAM Mobile protect me?

As with any exploit, whether it is a Linux exploit that trickles down to the Android OS or one that exploits Android directly, no app can create a patch/fix. Not even a security app like MBAM Mobile. It is up to Google to push an update to Android devices to fix this issue.

We will, however, protect against any moolicious… er… malicious apps that try to use such exploits.

More about app patches

To reiterate, no app can create a patch/fix for an exploit on Android. So if you see an app claiming to be a patch for Dirty COW or another Android exploit, there is a good chance it is malware. Don’t be fooled, and refrain from installing such apps, especially if they are found on a third-party app store.

Make that moolah

The discovery of exploits like these is rare, and as you can imagine, they tend to be hyped when they do come around. With Dirty COW, someone took “hype” to the level of “Udder madness!” by creating a webpage for the exploit with the cool domain name along with a professionally made logo (as pictured below), a Twitter feed, and an online store to buy Dirty COW merchandise, because who wouldn’t want a Dirty COW candy jar during this upcoming holiday season? No hate from me, go make that moolah! Now excuse me while I go buy that Dirty COW t-shirt I’ve always dreamed of.

The Dirty Cow logo, courtesy of Dirty Cow

Nathan Collier


Full time mobile malware researcher, part time endurance athlete and world traveler. As nerdy about traveling as he is about mobile malware.