Android malware Genome Project

Sharing Android platform maliciousProgramSamples and analysis results are designed to develop better detection tools.

 

Yajin Zhou and xuxian Jiang, two researchers from the Department of Computer Science at North Carolina State University, initiated the Android malware genome project to share samples and analysis results of Android malware and are committed to developing better detection tools.

Researchers have collected a total of 1260 Android malwareCodeThe sample contains 49 different malicious program families and identifies a series of mobile malicious program features (pdf). For example, the vulnerability is elevated to the root level; convert infected mobile phones into botnets controlled by the Internet or text messages. Nearly half of malicious programs support sending short messages in the background or calling calls without notice; more than half of malicious programs collect user information, including user accounts and text messages stored on mobile phones. Of the 1260 malware they collected, 1083 were packaged in legal applications, using paid applications, popular games and tools, and pornographic applications. They discovered 55 malicious programs that quietly sent short messages to paid numbers. among multiple malicious programs targeting Chinese users, in order to subscribe to paid services without notice, roguesppush will automatically respond to "Y" in the background, and ggtracker will respond to "yes" to the payment number 99735 ".

 

The PDF file in it is worth reading. As mentioned in this paper, 86% of malware are repackagede. There is a very advanced malicious code that can hijack user clicks.

The current antivirus results are not ideal. There is still a long way to go for Android security.

 

Refer:

1 http://www.oschina.net/p/malgenomeproject

2 http://www.malgenomeproject.org/

3 http://www.csc.ncsu.edu/faculty/jiang/pubs/OAKLAND12.pdf