Wednesday 6 March 2013

Malicious Malware Creeps Into Android Market

 In times when technology is a household phenomenon and markets are flooded with various kinds of devices – security is a constant challenge faced by the users. Market for Android and Apple devices is expanding every day, with innovations pouring in every month. Advancement in smart phones has led to certain issues in the field of mobile phone technology. The most important of them is security issue.
Recent reports have suggested that security researchers have unearthed a new malware in Google Play Store, which is an app market for Google’s Android. This discovery proves the limitations of the scanning service used to detect the presence of spywares in the apps just before downloading them.

A Trojan War!
Irfan Asrar, researcher from an antivirus provider company, Symantec said that Android Dropdialer, a Trojan was detected in different titles, which went unseen for weeks. Asrar gave out this information in his blog. Naming the two titles, Asrar said that the Trojan was hidden in "Super Mario Bros" and "GTA 3 Moscow City" – generating at least a 100,000 downloads of these apps.

Explaining the nature of the Trojan, the researcher said that the interesting thing is that this spyware went unnoticed on Google Play for a long time – affecting other downloads, due to its remote payload used by this Trojan.

Earlier Asrar mentioned on his blog post about the process of disintegrating a harmful app into separate, staged payloads protected the malware from being detected by the Android monitoring software.  The major purpose behind this procedure is to break the malware into separate files, instead of using it as single file, which will make it easier for it to go undetected for a longer period of time. The malware in question, Android.Dropdialer, was first found on on Google Play (earlier known as the Android Market) – once this malware is installed, it will download other packages as well.

Who to blame?
The blog post writer went on to say that users affected by this Trojan – after installing the app - were still shown a list of notifications including "services that cost you money" -  meaning the users who were victims of this threat were equally responsible for being affected. But keeping it fair and taking into account the fact that this malicious Android spyware was available on Google's own servers, it appears that the company should also be blamed for the act.

Google is not sitting idle. The search engine giant discovered Bouncer, a cloud-based malware scanner in February. Since this discovery, researchers have been successful in their independent discovery of malicious apps in Google Play on several occasions. They were also able to detect malware in the Google Chrome Web store.

Two mobile security experts, Jon Oberheide and Charlie Miller have made a shocking announcement that they've found multiple loopholes in the malware scanner, Bouncer – enabling them to sneak malicious apps into Google Play by bypassing Bouncer. Google representatives have not responded to this threat so far, with no attempt made to check the accuracy of the claim.

No comments:

Post a Comment