• No products in the cart.

Polymorphic Android malware requires HIPS analysis

Mobile application morphing isn’t something we have heard of on mobile platforms – however I did read an article on some recent developments. I suspect malware writers are developing mobile apps that automatically modify on download as well as continuing to re-engineer the codebase on a daily basis which involves changing the file signature and manifest files on a regular basis. Polymorphic malware apps can also change malicious URL redirects and PRS numbers in the database on a daily basis too – so there is an element of intelligence here.

So what about app permission controls? All apps need permissions, so even if one of these apps was installed, a user could deny all app permissions to connect including i.e. sending an SMS or make a silent PRS call. Is this actually true? I know it isn’t’ true – see the forensics video below from our good friend Thomas Cannon. Read more…

February 8, 2012

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Notify of

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013