Linked by HAL2001 on Fri 10th Jun 2011 21:23 UTC
Google Ten more applications have been pulled from the Google's official Android Market following a notification that they contained a new kind of Android malware. The malware was discovered by Xuxian Jiang, an assistant professor at the NC State University, and his team. As we have already witnessed before, the malicious code is "grafted" onto legitimate applications, and once the app is installed, it works as a background service whose goals is to gather information and transmit it to a remote server. The server takes the information in consideration and returns a URL from which the malware downloads a .jar file that, once loaded, exploits Dalvik class loading capability to stay hidden by evading static analysis.
Order by: Score:
gumoz
Member since:
2008-05-15

This kind of stuff will be good for differentiation between MarketPlaces like Amazon App Store and Android Marketplace, I guess that the one that allows the user to be relatively safe without compromising App availability will get more money or at least confidence while buying/exploring.

Reply Score: 1

Comment by stippi
by stippi on Mon 13th Jun 2011 10:56 UTC
stippi
Member since:
2006-01-19

Would be interesting to know which apps have been pulled...

Reply Score: 2

the obvious question
by ikidunot on Wed 15th Jun 2011 14:12 UTC
ikidunot
Member since:
2011-06-04

What I want to know is where in the process between the developer submitting the app and the user installing it is the malware tacked onto the app?

Bluntly, who got pwned?

Reply Score: 1