"Otherwise, it mounts the system partition as writable, copies itself into the /system/lib directory, replaces several commonly-used utility programs (e.g., ifconfig and mount), and alters related daemons (e.g., vold and debuggerd) and bootstrap-related scripts," according to NQMobile's analysis.
Though it could be considered just one more bit of Android malware, the availability of a rootkit that can be used to infect almost any application and carry any malware payload is a significant step up in malignant capabilities.
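The changes NQMobile lists (replaced utilities, altered daemons, a new file under /system/lib) are the kind a file-integrity comparison against a known-good manifest will surface. The following is an added example, not part of the original article or of NQMobile's analysis; the stand-in directory tree, its file contents and the name `libexample_added.so` are constructed for the demonstration, and the baseline is assumed to come from the stock firmware image.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def fingerprint(path: Path) -> str:
    """SHA-256 of a regular file, or the link target for a symlink."""
    if path.is_symlink():
        return "symlink->" + os.readlink(path)
    return hashlib.sha256(path.read_bytes()).hexdigest()


def snapshot(root: Path) -> dict:
    """Map every file or symlink under root (relative path) to its fingerprint."""
    return {
        p.relative_to(root).as_posix(): fingerprint(p)
        for p in root.rglob("*")
        if p.is_symlink() or p.is_file()
    }


def audit(root: Path, baseline: dict) -> dict:
    """Compare a copy of the /system tree against a known-good manifest."""
    current = snapshot(root)
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def demo() -> dict:
    """Constructed sample: a tiny stand-in /system tree, then simulated tampering."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel in ("bin/ifconfig", "bin/mount", "bin/vold", "bin/debuggerd", "lib/libc.so"):
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(b"stock " + rel.encode())
        baseline = snapshot(root)  # assumption: in practice, built from stock firmware
        (root / "bin/mount").write_bytes(b"replaced utility")       # constructed change
        (root / "bin/vold").write_bytes(b"altered daemon")          # constructed change
        (root / "lib/libexample_added.so").write_bytes(b"dropped")  # placeholder name
        return audit(root, baseline)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Because the utilities on an infected device are themselves among the files replaced, a comparison like this is more trustworthy when run from a separate host against a copy of the partition.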
NQMobile claims its security software can identify and eliminate DKFBootKit; Lookout Security & AntiVirus is able to detect DroidKungFu, on which DKFBootKit is partially based, so it has a good chance of detecting the rootkit as well, though that's far from certain.
The best advice on other sites, including those of security vendors, is to not download pirate apps from pirate sites if you plan to install them with root access, which is definitely throwing the baby out with the bathwater.
Carrier-approved editions of Android software are so packed with vendor cross-promotions, ads, tracking software and limitations, there's a good case to be made that all those limitations take away much of the value of the phone itself.
Some people root their phones so they can build free MiFi LANs using the phones as a hub, or run other apps and services that violate service agreements, copyrights or ethical boundaries.
Most do it just to be able to control their own bookmarks and delete some of the junk carriers lard on the phones.
That's why rooting is so popular, not because everyone with an Android phone wants to turn it into a portable hacker portal.
Not rooting anything just to avoid one rootkit is an overreaction. Not installing anything unless you're reasonably sure it's clean and came from a reliable source is just prudent.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld.