Most research into and protection against malicious apps focuses on single apps. This makes it interesting for malware authors to use app ‘collusion’: the ability of two (or more) apps to perform an attack in collaboration.
Such attacks have previously been demonstrated as proof-of-concepts but had not yet been found in the wild until earlier this year, when researchers from
Intel
and a number of UK universities found such behaviour in apps using the
MoPlus
SDK for
Android
.
Last year
,
Trend Micro
researchers found that this SDK contained a backdoor,
but the collusion behaviour had not previously been discovered.
The discovery was mentioned in the
McAfee Labs
Threat Report for June 2016 (
pdf
), but full technical details will be shared with the public in the paper
Wild Android Collusions
, which will be presented at
VB2016
in Denver on 5 October.
Why not
register for VB2016
to see this and dozens of other presentations from world-class security researchers? Or, if you have research to present yourself, why not submit an abstract to our
call for last-minute papers
, which closes this Sunday, 4th September?
Leave a Reply