An updated variant of the Legacy Native (LeNa) malware utilizes the GingerBreak exploit to gain root permission on Android phones. LeNa hides its exploit in a functional JPEG file that communicates with a command and control server to install and launch packages unbeknownst to the phone s user. The malware has found a home on alternative mobile application marketplaces which are blocked by default on Android devices. The new version of LeNa has been seen making the rounds disguised as a version of the popular game Angry Birds Space.
Source: https://threatpost.com/new-android-malware-variant-can-remotely-root-phone-040412/76405/