


Category: Riskware

Type: Exploit

Platform: Android

Aliases: Exploit:Android/Zergrush, Android.exploit.zergrush.[variant]


DroidRooter is a family of binary exploits that are used to gain root privileges on an Android device.


Automatic action

Once the scan is complete, the F-Secure security product will prompt you to assess the file and choose to Uninstall, Quarantine or keep it installed on your device.

Vulnerability Protection

The vulnerability leveraged by the exploit is application or platform specific; in other words, a specific program (or even a specific version of a particular program) must be installed in order for the exploit to be effective.

To prevent exploitation of such vulnerabilities, please refer to the application or device vendor for the latest updates and additional advice.

Technical Details

Zergrush is a family of exploits that leverage the known CVE-2011-3874 vulnerability to gain root privileges on a mobile device running earlier (2.3.6 and below) versions of the Android operating system. This operation allows users to circumvent limitations that may be imposed on the device by the manufacturer or carrier.

Zergrush exploit code (included as a component in a toolkit or app that serves as a hack-tool) is most commonly used by users to gain root privileges on their own Android device. The legality of this usage depends on the specific legal jurisdiction, and whether it was performed by the device's legitimate owner.