Polymorphic Android malware requires HIPS analysis

(1 views)

Mobile application morphing isn’t something we have heard of on mobile platforms - however I did read an article on some recent developments. I suspect malware writers are developing mobile apps that automatically modify on download as well as continuing to re-engineer the codebase on a daily basis which involves changing the file signature and manifest files on a regular basis. Polymorphic malware apps can also change malicious URL redirects and PRS numbers in the database on a daily basis too - so there is an element of intelligence here.

So what about app permission controls? All apps need permissions, so even if one of these apps was installed, a user could deny all app permissions to connect including i.e. sending an SMS or make a silent PRS call. Is this actually true? I know it isn’t’ true - see the forensics video below from our good friend Thomas Cannon. Read more...

February 8, 2012
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023