Call us: 0800 917 3517

How to detect malicious Android apps

Last month AVAST exposed four new sites hosting malicious Android apps. “All these sites were registered a week ago so it looks like they were supposed to serve as a malware hosting for the bad guys from the very beginning.”

As computing moves onto mobile platforms, the bad guys are trying to exploit things – and getting more devious in their methods to compromise mobile devices.

Setting up apparently legitimate app stores that will eventually deliver malicious apps and seeding the mainstream apps stores is just one method. The problem for the user is finding these malicious apps among the hundreds of thousands of genuine apps; and downloading and testing them might be too late.

Now NQ Mobile has come up with a new technology jointly and primarily developed by its vice president of research Simon Zou and chief scientist and associate professor at North Carolina State, Xuxian Jiang. Using a unique approach, it detects a malicious app while it is still in the app store and before it is downloaded.

Called RiskRanker, it “employs a unique two-step method of discovering malware,” said Dr. Zou, which “greatly improves the accuracy in identifying patterns of seemingly innocent API uses that can actually be malware.” In a trial run earlier this year, the company claims that a scan of more than 100,000 apps from a variety of marketplaces, it “identified 718 malware threats, including 322 zero-day threats.”

The intention,says chief product officer Gavin Kim, is that we should be able to “proactively protect our 172 million security, privacy, and productivity users by addressing these threats before they become a problem, not after the fact.”