Ad: Manage updates with the Download App
ie8 fix

bouncer

When good Android apps go bad -- a security lesson

Security researchers testing Google's Bouncer malware detection system for Android apps have managed to submit a benign app and then slowly update it to add malicious functionality, one of the researchers told CNET today.

Nicholas Percoco, head of Trustwave's SpiderLabs, and colleague Sean Schulte will be discussing their research during a session at Black Hat and Defcon next week in Las Vegas entitled "Adventures in Bouncerland."

After Google launched its Bouncer system to protect apps in the Google Play Android market in February, the researchers wanted to see if they could turn a good app that … Read more

Malware went undiscovered for weeks on Google Play

Security researchers have discovered malware hosted on the Google Play marketplace that went weeks undetected masquerading as games.

Android.Dropdialer, a Trojan that sends costly text messages to premium-rate phone numbers in Eastern Europe, had gone undiscovered for two weeks in the form of two game titles, Symantec researcher Irfan Asrar wrote in a blog post yesterday. The two games -- "Super Mario Bros." and "GTA 3 - Moscow city" -- were uploaded to Google Play on June 24 and generated 50,000 to 100,000 downloads, Asrar said.

"What is most interesting about this … Read more

Researchers bypass Google's Android malware detector

Mobile security researchers say they have identified flaws in Google's system to keep malware off Google Play.

Duo Security's Jon Oberheide and Charlie Miller say they exploited weaknesses in Google's Bouncer service to sneak malicious apps on to the Android market. Oberheide demonstrated in a video presentation (see below) how he submitted a fake app and used a remote shell it got access to when Bouncer attempted to analyze the app. That access allowed the pair to "look for interesting attributes of the Bouncer environment, such as the version of the kernel it's running, the … Read more

Malware loves Android, but iOS users could be at risk too

Android has gotten a lot of negative buzz for its susceptibility to malware. But a new study from Juniper Networks suggests that iOS could also be at risk.

Scanning hundreds of thousands of applications across the mobile landscape for its 2011 Mobile Threats Report, Juniper uncovered more than 28,000 pieces of malware last year, a rise of 155 percent from 2010.

As expected, Android was the post popular target.

Malware aimed at Google's mobile OS surged to 13,000 samples at the end of last year from only 400 in June, an increase of 3,325 percent. The … Read more

Google now scanning Android apps for malware

Google has added an automated scanning process that is designed to keep malicious apps out of the Android Market, the company announced today.

The new service, code-named "Bouncer," scans apps for known malware, spyware, and Trojans, and looks for suspicious behaviors and compares them against previously analyzed apps, Hiroshi Lockheimer, vice president of engineering on the Android team, said in an interview with CNET this morning.

Every app is then run on Google's cloud infrastructure to simulate how the software would operate on an Android device, he said. Existing apps are continuously analyzed, too.

"The system … Read more