Linked by HAL2001 on Fri 10th Jun 2011 21:23 UTC
Google Ten more applications have been pulled from the Google's official Android Market following a notification that they contained a new kind of Android malware. The malware was discovered by Xuxian Jiang, an assistant professor at the NC State University, and his team. As we have already witnessed before, the malicious code is "grafted" onto legitimate applications, and once the app is installed, it works as a background service whose goals is to gather information and transmit it to a remote server. The server takes the information in consideration and returns a URL from which the malware downloads a .jar file that, once loaded, exploits Dalvik class loading capability to stay hidden by evading static analysis.
Permalink for comment 477266
To read all comments associated with this story, please click here.
the obvious question
by ikidunot on Wed 15th Jun 2011 14:12 UTC
ikidunot
Member since:
2011-06-04

What I want to know is where in the process between the developer submitting the app and the user installing it is the malware tacked onto the app?

Bluntly, who got pwned?

Reply Score: 1