Turning good Android apps bad

Powered by SC Magazine
 

Unregulated market a dangerous place.

Legitimate Android applications can be easily repacked with malware and uploaded to the Google Marketplace, Symantec says.

The Android application package file (apk) tool Geinimi allowed legitimate apps to be re-written with malicious code.

Applications were then ready to be uploaded since they were self-signed, Symantec security response engineer Mario Ballano Barceno said.

Geinimi created a connection to the command and control centre (C&C) from where information on a victim's device including operating system details and personal data could be downloaded.

Ballano said any application could be affected and re-uploaded.

He said website redirections could be added to web browsers, and phones could be made to place premium  phone calls and SMSes.

“The attacker implements a set of changes and they suggest the changes,” Ballano said.

Symantec security response senior security operations manager Orla Cox said all applications can be compromised.

“If they're using the same malware all of the time, anti-virus vendors can easily handle that. Google is also pretty swift in pulling down known malicious apps from the official market store once it knows about them,” Cox said.

“It's better for the attackers to be stealthier and fly under the radar if they can. It means that their apps are more likely to last on the market.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition


Turning good Android apps bad
 
 
 
Top Stories
Australia's digital crescendo
Barely unpacked from his move from Amsterdam, Southern Cross Austereo's new digital boss Vijay Solanki is looking for Australia's untapped potential.
 
Turnbull nabs UK govt digital guru as DTO chief
Inaugural CEO to lead change agenda.
 
NBN to offer TV connections through fibre for greenfields
Ditching aerials to come at a cost.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Xerocon is heading to Melbourne!
Jul 1, 2015
We're not saying Xero is our FAVOURITE or anything, but Xero's 2015 Xerocon conference is being ...
New Microsoft Office apps for Android phones
Jun 26, 2015
Microsoft's latest Office apps for Android now work on phones as well as tablets, further ...
Windows 10 UK price revealed, but don't believe everything you hear
Jun 26, 2015
Windows 10 £99 price tag for users in the UK (who presumably don't already have Win 7 Pro ...
Now Xero notifies iOS users of new transactions
Jun 24, 2015
The latest version of Xero's iPhone app includes notifications when new transactions arrive from ...
Your Essential Cloud Toolbox
Jun 22, 2015
When BIT interviewed Receipt Bank country manager Sophie Hossack, we asked for her thoughts on ...
Latest Comments
Polls
Is site blocking effective in stopping piracy?


   |   View results
Yes
  2%
 
No
  86%
 
Somewhat
  12%
TOTAL VOTES: 722

Vote