website statistics

1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Google has been trying to put in a tight security mechanism in the Android Market so that malicious apps are filtered away and are not allowed to stay in the apps market. In order to do so, Google makes use of a scanning program which is called ‘Bouncer.’ Now, security researchers have been able to identity the details of the antivirus scanner that Google uses, details that can be exploited by the hackers.


According to the research done by John Oberheide and Charlie Miller, Google’s antivirus scanner is called Miles Karlson and has one friend named Michelle K. Also, it is a fan of Lady Gaga.

By knowing even one of these many details, a malicious app can fool the scanner and make its way into the Android market. Miller and Oberheide will be presenting their research at the Summercon Conference which is scheduled for this week in New York. During the presentation, the two will present a new method to exploit the security of Google’s Android market scanners.

Google’s ‘Bouncer’ actually takes an app and then runs it on a virtual phone to check how does it work and whether or not it is involved in phishing user data or sending spam through his device. When all is rendered well, the app is considered safe, otherwise it is deemed malicious.

Miller and his co-researcher think that by making the app realize that it is being run on a simulation when ‘Bouncer’ is testing it, an app can appear safe during the test-drive and eventually, when it is approved, it can return to its malicious behaviour.

According to Oberheide, “The question for Google is, how do you make it so the malware doesn’t know it’s running in a simulated environment? You want to pretend you’re running a real system. But a lot of tricks can be played by malware to learn that it’s being monitored.”

Moreover, they say that there are ways to find out when a simulation is being run. For instance, a virtual program will be slower than an actual device and when Bouncer tries to contact Google’s servers during the simulation, the app can recognize the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

Miller and Oberheide say they also contacted Google regarding this and that since then, Google has improved the security of the Bouncer so that it is difficult to differentiate between it and a real phone.

Source: Forbes

Buy Cheapest Related Product From Amazon.com


Sony Introduces PlayStation Move Racing Wheel At E3 2012

Lenovo Showcases Windows 8 Based ThinkPad Tablet
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On June 5, 2012(3 years, 11 months ago.)

You May Also Like:

What Do You Think?

1 Response

  1. Delmer Le Says:

    the IP address of Google’s servers and then behave itself, knowing that it’s a test simulation.

    Posted on June 5th, 2012 at 4:51 PM

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

Even if your iPhone is locked, people can reply from the lock screen. Check out, how to turn off the quick reply message from locked screen.
Have you forgot Apple ID password or having trouble signing in? Check out this tutorial to reset the password.
Even if iPhone is muted, still Siri's voice is loudly chime. Now you can change the setting to silence Siri using your iPhone's mute switch.
Check out how to teach Siri about nicknames and relationships of the important people in your life in order to make your life easier.
Has your iPhone suddenly turned black & white? Check out this tutorial to know possible reasons & how to fix iPhone screen with few taps.
Check out this tutorial to download FREE movies and TV Shows streaming Showbox app and install it on your Android smartphone or tablet.
Parental Controls allows you to put restrictions on apps or content that can or can not be used by anyone else on your Apple iPhone or iPad.
If you want to print from iPhone without using any computer, check this out to connect and print wirelessly right from the Apple device.
Using Siri, anyone can bypass the Passcode even if iPhone or iPad is locked. Check out this to know how you can disable Siri on lock screen.
Floatify will let you quick reply to the messages or emails through notification bar using your Android Lollipop or Marshmallow.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook