Smartphones are definitely taking the mobile handset market by storm, especially with the success of the iPhone and Android platforms expanding into the personal device realm. As with any device that gains in popularity, it soon becomes the target of hackers – either for zero day bragging rights or for more nefarious purposes. At DEFCON 18, Nicholas J. Percoco unveiled a proof of concept rootkit aimed at Android. The code allows an external party to trigger the sleeping rootkit into initiating a TCP connection from the device. In a nutshell, simply by receiving a covert call, the device can be used to exfiltrate its data or in more advanced forms, enabled as a remote monitoring device, etc. Rootkits are a different breed of security threat than viruses, worms or Trojans; properly written, they allow a hacker to re-access a computer system with full privileges, perform tasks in secret and depart the system without leaving a trace of the access.