Instead of creating their own exploits, some lazy Chinese hackers took the Root Assistant Android rooting toolkit and remodeled it into a trojan, which they packed inside copies of legitimate apps (distributed via unofficial app stores). Until now, only seven apps were repackaged, and only 600 users infected. A weird thing: there's a XML file in the trojan that prevents it from infecting Chinese users.

http://it.slashdot.org/story/15/12/0...ooting-utility