We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
HackTool:AndroidOS/ZergRush
Aliases: SuperOneClick Android phone rooter (other) SuperOneClick Kindle Fire rooter (other)
Summary
Microsoft Defender for Endpoint detects and removes this threat.
This tool uses a vulnerability in Android devices to "root" or hack the device.
This is usually done by someone using the device who wants to get around limitations set by the device's manufacturer or carrier (for example, a phone carrier may limit updates on the device).
The following versions of Android operating systems are vulnerable:
- Android OS 2.2.x through to and including 2.2.2 (Froyo)
- Android OS 2.3.x through to and including 2.3.6 (Gingerbread)
Some apps that are known to use this hacktool include:
- SuperOneClick Android phone rooter
- SuperOneClick Kindle Fire rooter
We recommend you don't use hacktools as they can be associated with malware or unwanted software.
