New Android Malware Uses Motion Sensor Data to Avoid Detection by William Chalk

February 21, 2019
(95 views)

Despite Google’s recent efforts to bolster and tighten the curation of its Play Store apps, shady software has once again managed to bypass anti-malware protections in order to infect unsuspecting Android users.

According to a report by Trend Micro, this new strain of malware is using an innovative new trick to avoid detection. By monitoring the motion-sensor input of an infected device, the malware stays inactive and effectively hides itself from monitors until it detects movement from its target.

The thinking behind this strategy is that sensors in real end-user devices will record motion as people use them. By contrast, methods used by analysts – and possibly Google employees screening apps submitted to the Play Store – are less likely to use sensors.

In the curation and testing process, researchers typically use emulators to detect any malicious software embedded in an application. These sandboxed emulators aren’t coded to simulate motion by default.

The authors of this new strain have taken full advantage of this loophole, creating code that stays dormant if both the device and user are still. Once traditional testing has been evaded and the apps are downloaded onto devices with a motion sensor input, it reactivates.

As soon as it detects motion sensor....

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.