Mobile malware is viewed as a growing threat, particularly on the Android platform. To protect Android users and prevent malicious applications from being uploaded to Google Play, Google created an automated malware scanning service called Bouncer.
At Black Hat, Nicholas Percoco and Sean Schulte, security researchers from Trustwave, will reveal a technique that allowed them to evade Bouncer's detection and keep a malicious app on Google Play for several weeks.
The initial app uploaded to Google Play was benign, but subsequent updates added malicious functionality to it, Percoco said. The end result was an app capable of stealing photos and contacts, forcing phones to visit Web sites and even launch denial-of-service attacks.
Percoco would not discuss the technique in detail ahead of the Black Hat presentation, but noted that it doesn't require any user interaction. The malicious app is no longer available for download on Google Play and no users were affected during the tests, Percoco said. (more) (more)