toggle

AAPL Stock: 114.59 ( -3.85 )

Printed from http://www.macnn.com

Android malware scanner spoofed by security researchers

updated 02:55 am EDT, Tue June 5, 2012

Maliciously crafted app allows root access, shell commands

Android security researchers Jon Oberheide and Charlie Miller have devised ways to circumvent the cloud-based security filter that Google uses to attempt to keep the market devoid of malicious Android apps. By feeding the scanner a maliciously crafted file and shell commands to reveal files and list system attributes, the research team were able to procure information about how the malware scanner works.

"So this is just one technique to fingerprint the Bouncer environment, allowing a malicious app to appear benign when run within Bouncer, and yet still perform malicious activities when run on a real user's device," Oberheide said in a demonstration video (seen below). Oberheide and Miller are scheduled to talk at the SummerCon conference in New York City between June 8 and June 10. Details about the exploit will be published and publicly available after the conference.

Bouncer is Google's automatic malware scanner in Google Play, to ensure applications don't match signatures of known malware. Within weeks, a technique to avoid Bouncer was exploited so sneak a malicious app into the Google app store. Oberheide and Miller have been in touch with the Android security team to help address the problems that they have discovered with the scanner.






by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. UmarOMC

    Joined: Dec 1969

    0

    Sheesh

    I hope this isn't the only gateway to publishing on the Google Play store.

  1. BigMac2

    Joined: Dec 1969

    0

    Wack-a-mole strategy

    The +30 years antivirus strategy of protecting from already know treat is doomed to failure. To every fingerprint technique there is a parade for it, only "walled garden" filtering and certifying every apps at the input can ensure a clean sandbox for users.

    Anti-virus software only gives illusion of safety, they all end broken after a while if you don't pay them to renew every year.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

HP 14-x030nr 14-inch Chromebook

If you're like us, chances are you've come to realize that you need the ability to access the Internet on the go. Also, you've prob ...

15-inch MacBook Pro with Force Touch

Apple's 15-inch Retina MacBook Pro continues to be a popular notebook with professional users and prosumers looking for the ultimate ...

Typo keyboard for iPad

Following numerous legal shenanigans between Typo -- a company founded in part by Ryan Seacrest -- and the clear object of his physica ...

toggle

Most Commented