website statistics

1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Google has been trying to put in a tight security mechanism in the Android Market so that malicious apps are filtered away and are not allowed to stay in the apps market. In order to do so, Google makes use of a scanning program which is called ‘Bouncer.’ Now, security researchers have been able to identity the details of the antivirus scanner that Google uses, details that can be exploited by the hackers.


According to the research done by John Oberheide and Charlie Miller, Google’s antivirus scanner is called Miles Karlson and has one friend named Michelle K. Also, it is a fan of Lady Gaga.

By knowing even one of these many details, a malicious app can fool the scanner and make its way into the Android market. Miller and Oberheide will be presenting their research at the Summercon Conference which is scheduled for this week in New York. During the presentation, the two will present a new method to exploit the security of Google’s Android market scanners.

Google’s ‘Bouncer’ actually takes an app and then runs it on a virtual phone to check how does it work and whether or not it is involved in phishing user data or sending spam through his device. When all is rendered well, the app is considered safe, otherwise it is deemed malicious.

Miller and his co-researcher think that by making the app realize that it is being run on a simulation when ‘Bouncer’ is testing it, an app can appear safe during the test-drive and eventually, when it is approved, it can return to its malicious behaviour.

According to Oberheide, “The question for Google is, how do you make it so the malware doesn’t know it’s running in a simulated environment? You want to pretend you’re running a real system. But a lot of tricks can be played by malware to learn that it’s being monitored.”

Moreover, they say that there are ways to find out when a simulation is being run. For instance, a virtual program will be slower than an actual device and when Bouncer tries to contact Google’s servers during the simulation, the app can recognize the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

Miller and Oberheide say they also contacted Google regarding this and that since then, Google has improved the security of the Bouncer so that it is difficult to differentiate between it and a real phone.

Source: Forbes

Buy Cheapest Related Product From Amazon.com


Sony Introduces PlayStation Move Racing Wheel At E3 2012

Lenovo Showcases Windows 8 Based ThinkPad Tablet
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On June 5, 2012(4 years, 0 months ago.)

You May Also Like:

What Do You Think?

1 Response

  1. Delmer Le Says:

    the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

    Posted on June 5th, 2012 at 4:51 PM

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

Perhaps, you are new Apple user and you might have no idea how to change name of your iPhone. Check out this tutorial to change the name.
Check out this tutorial to lock Android phone using PIN code, Password or Pattern. Following the easy steps, you can secure your smartphone.
If you could not figure out yet, how to save and send GIF from your iPhone, then this tutorial is just for you.
Google released 'Ambient Display' feature with Android 5.x Lollipop. Check the tutorial to know how to turn off Android’s Ambient Display .
Have you recently got your 3D Touch iPhone 6s and struggling to delete apps? Go through the tutorial to learn how to delete or move the apps.
Just read this tutorial by yourself and from now on, we will show you, how you can make your iOS device read text loudly for you.
If you're still struggling to take selfie on iPhone then check it out to know how to take photos from far using iPhone's headset as a remote.
Even if your iPhone is locked, people can reply from the lock screen. Check out, how to turn off the quick reply message from locked screen.
Have you forgot Apple ID password or having trouble signing in? Check out this tutorial to reset the password.
Even if iPhone is muted, still Siri's voice is loudly chime. Now you can change the setting to silence Siri using your iPhone's mute switch.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook