website statistics

1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Google has been trying to put in a tight security mechanism in the Android Market so that malicious apps are filtered away and are not allowed to stay in the apps market. In order to do so, Google makes use of a scanning program which is called ‘Bouncer.’ Now, security researchers have been able to identity the details of the antivirus scanner that Google uses, details that can be exploited by the hackers.


According to the research done by John Oberheide and Charlie Miller, Google’s antivirus scanner is called Miles Karlson and has one friend named Michelle K. Also, it is a fan of Lady Gaga.

By knowing even one of these many details, a malicious app can fool the scanner and make its way into the Android market. Miller and Oberheide will be presenting their research at the Summercon Conference which is scheduled for this week in New York. During the presentation, the two will present a new method to exploit the security of Google’s Android market scanners.

Google’s ‘Bouncer’ actually takes an app and then runs it on a virtual phone to check how does it work and whether or not it is involved in phishing user data or sending spam through his device. When all is rendered well, the app is considered safe, otherwise it is deemed malicious.

Miller and his co-researcher think that by making the app realize that it is being run on a simulation when ‘Bouncer’ is testing it, an app can appear safe during the test-drive and eventually, when it is approved, it can return to its malicious behaviour.

According to Oberheide, “The question for Google is, how do you make it so the malware doesn’t know it’s running in a simulated environment? You want to pretend you’re running a real system. But a lot of tricks can be played by malware to learn that it’s being monitored.”

Moreover, they say that there are ways to find out when a simulation is being run. For instance, a virtual program will be slower than an actual device and when Bouncer tries to contact Google’s servers during the simulation, the app can recognize the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

Miller and Oberheide say they also contacted Google regarding this and that since then, Google has improved the security of the Bouncer so that it is difficult to differentiate between it and a real phone.

Source: Forbes

Buy Cheapest Related Product From Amazon.com


Sony Introduces PlayStation Move Racing Wheel At E3 2012

Lenovo Showcases Windows 8 Based ThinkPad Tablet
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On June 5, 2012(4 years, 1 month ago.)

You May Also Like:

What Do You Think?

1 Response

  1. Delmer Le Says:

    the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

    Posted on June 5th, 2012 at 4:51 PM

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

If you are trying to jailbreak iPhone, iPad or iPod on iOS 9.2 - 9.3.3 without using a computer or Apple ID, then check this video tutorial.
Pokemon Go users are complaining about the crashing and server issues. Check out the tutorial to solve error problems and thanks us later.
Turning off Wi-Fi Assist is a great way to save mobile data since it automatically starts using cellular data when Wi-Fi signal is poor .
If you want to secure your SIM card from others using it, then check out this tutorial to know how to set up the SIM Pin code on your iPhone.
CiderTV is a great alternative to control Apple TV from the Notification Center. Check out this tutorial to set up CiderTV on your iPhone.
Are you annoyed by the split screen mode on the iPhone 6 Plus or 6s Plus? Check out this quick tutorial to turn off split screen feature.
If you could not wait to installed the iOS 10 beta version on you iPhone and now struggling for the errors, then this tutorial is for you.
Siri might not understand the question you asked. But you can use Siri by editing the text that you asked & it will give an updated answer.
Perhaps, you are new Apple user and you might have no idea how to change name of your iPhone. Check out this tutorial to change the name.
Check out this tutorial to lock Android phone using PIN code, Password or Pattern. Following the easy steps, you can secure your smartphone.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook