engine - 1:12 pm on Jun 5, 2012 (gmt 0)
Google's Android Malware Detector Bypassed, Say Researchers [news.cnet.com]
Mobile security researchers say they have identified flaws in Google's system to keep malware off Google Play.
Duo Security's Jon Oberheide and Charlie Miller say they exploited weaknesses in Google's Bouncer service to sneak malicious apps on to the Android market. Oberheide demonstrated in a video presentation (see below) how he submitted a fake app and used a remote shell it got access to when Bouncer attempted to analyze the app. That access allowed the pair to "look for interesting attributes of the Bouncer environment, such as the version of the kernel it's running, the contents of the file system, or information about some of the devices emulated by the Bouncer environment," he said.