A recent study by Xuxian Jiang, computer science professor at North Carolina State University, describes in a recent video how his research team developed a rootkit that could silently install on Android devices. Jiang demonstrates how this rootkit could install malware on your system and sync with existing apps. Allowing something like your browser app to quietly record its activity by replacing functionality of a trusted app with another, potentially stealing banking information or other sensitive data.
This malware affects anyone running Ice Cream Sandwich (Android 4.0.4) and below ? making up currently 100 percent of the Android consumer market. Google does seem to acknowledge recent malware reports, by enabling app encryption within its Google Play store, for the first time ever, on any device running its latest Jelly Bean operating system (Android 4.1) and above.
But while Jelly Bean remains in developer preview, penetration of new Android OS in the market is hardly timely. ICS has just expanded to approximately 10 percent of Android devices according to Google, but it took seven months to get to this point. Gingerbread (Android 2.3.4) has just arrived on only 65 percent of Android devices, a year and a half after its initial release. So although this threat could be irrelevant to users with Jelly Bean, expansion of this OS and patch updates to resolve current vulnerabilities could take months, even a year to resolve.
Unlike common malware found on Android, Jiang?s prototype rootkit attacks the framework of Android, as opposed to the underlying operating system Linux kernel. This makes it easier for malware to control multiple assets within the same system, and hide in plain sight posing as trusted apps.
?This would be a more sophisticated type of attack than we?ve seen before,? states Jiang in a recent North Carolina State University abstract, ?Specifically tailored to smartphone platforms. The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it. But there is good news. Now that we?ve identified the problem, we can begin working on ways to protect against attacks like these.?
Jiang?s optimism is right, but Android?s main challenge has always been its fragmentation. In the early days, it helped an aesthetically inferior OS compared to iOS (used on iPhones) get off the ground through manufacturer differentiation (HTC Sense, Motoblur). But as Android continues to grow as the world?s most popular mobile OS ? now activating 1 million devices daily ? Android?s fragmentation could hurt consumers if Google can?t control its open source project and the malware that comes with it.
mary louise parker mary louise parker cher morgellons nhl all star draft touch nitrous oxide
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.