Nicholas Percoco, head of Trustwave's SpiderLabs, managed to turn a legitimate Android app into malware without alerting the malware detection system.
(Credit: Trustwave SpiderLabs)
Security researchers testing Google's Bouncer malware detection system for Android apps have managed to submit a benign app and then slowly update it to add malicious functionality, one of the researchers told CNET today.
Nicholas Percoco, head of Trustwave's SpiderLabs, and colleague Sean Schulte will be discussing their research during a session at Black Hat and Defcon next week in Las Vegas entitled "Adventures in Bouncerland."
After Google launched its Bouncer system to protect apps in the Google Play Android market in February, the researchers wanted to see if they could turn a good app that was already in the system into something malicious without triggering the Bouncer malware alarm system. They succeeded.
First they created an app that was designed to allow users to block text messages from specific individuals, known as an SMS blocker. Once the app was in the market and available for public d... [Read more]
No comments:
Post a Comment