Android malware scanner spoofed by security researchers

Android security researchers Jon Oberheide and Charlie Miller have devised ways to circumvent the cloud-based security filter that Google uses to attempt to keep the market devoid of malicious Android apps. By feeding the scanner a maliciously crafted file and shell commands to reveal files and list system attributes, the research team were able to procure information about how the malware scanner works.
"So this is just one technique to fingerprint the Bouncer environment, allowing a malicious app to appear benign when run within Bouncer, and yet still perform malicious activities when run on a real user's device," Oberheide said in a demonstration video (seen below). Oberheide and Miller a... »read more

More at: Electronista Add additional source