Recently Google had introduced everyone to its new malware detection tool, Bouncer which apparently keeps malware and unsecured apps out of the reach of the general public and also giving people a sigh of relief and the freedom to download even more crazy apps from the market without having to actually bother for any unknown threat.

Well from the looks of things it seems that Google would want to tweak its protection tool a little bit more specially after a recent report released by Forbes, a North Carolina State University professor detailed on his blog how he and his team discovered a new malware threat that when installed, can evade virus scans and permission requests, making any wrong doing virtually undetectable. Dubbed “Rootsmart, ” the app uses a process called “privilege escalation” that after having been installed for a few hours (days even), will begin downloading new code from a remote server hiding the data transfer in the phone’s normal communications.

The downloaded code is the ever popular “Gingerbreak” exploit that we’ve told you guys about in past which is able to gain complete access to a device’s SMS, phone calls, data — even recording sensitive phone conversations. Theoretically, Bouncer wouldn’t be able to detect malware in the app because the known malware (Gingerbreak in this case) wouldn’t initially be found in the app.

The cat-and-mouse game continues and like we’ve learned so many times in the past, where there are evil doer’s, nothing can ever be 100% foolproof. Although the offending code has yet to be found anywhere in the Android Market (only a few 3rd party Chinese apps have been detected with this malware) one should always be cautious when installing apps from unknown sources especially suspicious sites offering free pirated apps online.

 

Source: Forbes

 

Be Sociable, Share!

Comments

comments

One Response to “Tricky Malware might prove to be a challenge for Google Bouncer”

Leave a Reply to Shahyan Pervez Bharucha. Cancel reply

Your email address will not be published. Required fields are marked *