Malware Check: Android Vulnerable

The Android platform has been marred by the significant infiltration of malwares in the App Store, a development which Google has been battling for sometime now, and had recently launched Bouncer, an automated system check to keep malicious applications out of the Android App Store dubbed Google Play.

According to a report by InformationWeek, two researchers by names, Jon Oberheide of DUO Security and Charlie Miller, principal research consultant at Accuvant Lab, had found different techniques to bypass Bouncer.

The researchers succeeded in submitting an app to Google Play-vetting that established a connect-back shell in the Bouncer's infrastructure, thereby exposing how the security mechanism works. They however, admitted the strong security backup with the Google systems, which were able to track their activities almost instantly.

The researchers discovered the underlying emulator QEMU, upon which the Bouncer is based, and that the popular emulator has had its history of vulnerabilities in the past. The researchers posited the possibility of exploiting a bug in QEMU to crack the Bouncer, a claim which Google has acknowledged.

Google, however has declined to issue an official statement as to whether it will release a patch for the uncovered vulnerabilities.

Android platform has continued to rise despite the malware challenges, and may probably become the most popular smartphone OS, according to the latest IDC predictions for 2012.
Next Post »