Security experts at Trend Micro have spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The vulnerability was discovered by the security expert Phil Oester in October 2016, it could be exploited by a local attacker to escalate privileges. The malicious code is concealed behind an apparent porn app that once installed contact the C&C server to updates itself. The malware fetches the appropriate rootkits from the server, use the exploit to escalate. The domain and command and control server used by the malware is located in China.”]
Source: https://securityaffairs.co/wordpress/63456/malware/zniu-malware-dirty-cow.html