Google Play’s Application Security Filter is “Flawed”

Google Play’s Application Security Filter is “Flawed”

Google Android

Google’s Bouncer allegedly unsuccessful to place an application that switched towards the negative side once it experienced the Play store

Security researchers at Trustwave say they have found an opening in Google’s Bouncer adware and spyware recognition system because of its Android application store.

Trustwave claims it could submit a benign Android application towards the Google Play store however progressively update it introducing malicious functionality without triggering Bouncer’s adware and spyware alert.

They used an application known as SMS Blocker, that was a legit and fully functioning application when it was initially posted.

Trustwave then wanted to see if the Bouncer system may find a thing that had been on the internet Play which had, essentially, switched bad.

They updated SMS Blocker 11 occasions with code unrelated to the primary functions that may rather have permitted it to explore a phone’s logs, contacts and photos with no user’s permission or perhaps launch malicious websites.

The code sneaked through due to the fact Trustwave used a unique “cloaking” technique, but it’s the type of approach that actual adware and spyware creators can use.

Once the researchers dropped their cloaking technology inside a further update, Bouncer is stated to possess finally detected the dubious code and chucked it from the Google Play store.

Google Play

Trustwave’s researchers are presenting their findings in the Spammy and Defcon security conferences in Vegas now. Security specialists frequently attempt to pick holes in systems like a proof-of-concept and also to highlight the problem towards the companies whose goods are potentially in danger.

CNET reports the Trustwave team has contacted Google and will also be ending up in Android researchers in the Vegas security conferences to go over the problem. It’s certainly one method to grab yourself observed.

CNET Through The Verge

More Mobile Apps News >

 

2 Comments

  1. It’s worth mentioning that it also plays voicemail messages to a connected bluetooth device by default. I used to have to immediately switch after starting playback. Sometimes it’s the little things that count.

  2. Simon Belmont says:

    Speaking of Gmail. Anyone have an issue with Gmail when using it for a Hotmail address, where the syncing process literally takes FOREVER (like 5-10 minutes) at a time?
    I’m on KitKat using Gmail to sync Hotmail as an IMAP account, but the above situation happe1 and it keeps the device awake the whole time, so I ended up just removing the account and went back to the old stock email client (which made me sad upon hearing today’s news). Anyone have a solution or had a similar problem?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.