Hackers about hacking techniques in our IT Security Magazine

Polymorphic Android malware requires HIPS analysis

Mobile application morphing isn’t something we have heard of on mobile platforms – however I did read an article on some recent developments. I suspect malware writers are developing mobile apps that automatically modify on download as well as continuing to re-engineer the codebase on a daily basis which involves changing the file signature and manifest files on a regular basis. Polymorphic malware apps can also change malicious URL redirects and PRS numbers in the database on a daily basis too – so there is an element of intelligence here.

So what about app permission controls? All apps need permissions, so even if one of these apps was installed, a user could deny all app permissions to connect including i.e. sending an SMS or make a silent PRS call. Is this actually true? I know it isn’t’ true – see the forensics video below from our good friend Thomas Cannon. Read more…

February 8, 2012

0 Responses on Polymorphic Android malware requires HIPS analysis"

Leave a Message

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>