Researchers at Indiana University have developed a scanner that allows them to rapidly scan hundreds of thousands of Android apps, which ultimately resulted in 30 000 infected apps on the official Google Play store. MassVet (pdf) as the scanner is called, can determine within seconds whether an app is benign or malignant, without knowing how the malware looks or behaves.
Instead of analyzing the app MassVet compares it with apps that already exist in the relevant store. Most Android malware is in fact repackaged apps. When cybercriminals repacking apps add malicious components increasing. Therefore differs repackaged app of the original. The malicious components in applications can also be found who seem to have nothing to do with each other.
The researchers decided to test the scanner with 1.2 million apps from 33 different app markets. MassVet proved apps within 10 seconds, assess and outperformed 54 virus scanners on VirusTotal. Of the 1.2 million-controlled apps were found to be more than 127 000 malignant and 34 000 were missed by most malware scanners on VirusTotal. Some of the malware specimens were installed millions of times. It also found that 5000 malicious apps each had more than 10,000 installations.
Google Play
Also analyzed MassVet 400 000 apps on Google Play, of which 30 000 were found to be malignant. This equates to an infected rate of 7.6%. According to the researchers this different from earlier figures of Google. According to Google, was found on Android Users who only install apps from Google Play at less than 0.15% of the devices a "potentially malicious application" (PHA).
However, users of China's market places that are most likely to Android malware. In the market places of Anzhi, Yidong, yy138 and Anfen was 39%, 36%, 28% and 23% of all available apps malware. On the fifth of infected stores SlideMe comes back, 21% of the malware apps proved to be. The overview is also given to the store by Opera. This was 7.8% of the apps labeled as malicious.
No comments:
Post a Comment