Researchers Exploit Google Bouncer, Drop Malicious Apps in Google Play Store - HotHardware
Researchers Exploit Google Bouncer, Drop Malicious Apps in Google Play Store

Researchers Exploit Google Bouncer, Drop Malicious Apps in Google Play Store

Google’s Bouncer just made sense; unlike Apple’s heavily curated walled-garden app store, Google Play is a target for malicious (and/or downright crappy) apps, so having Bouncer in place to scan submitted apps for malicious software to protect Google Play customers was necessary.

Google kept Bouncer’s intimate details under wraps to keep it from being hacked or exploited, but like death and taxes, someone was bound to find a way to sneak something nasty past Google’s door man.


Image credit: Android Police

Fortunately, the successful parties turned out to be Charlie Miller and Jon Oberheide, a pair of researchers who will be presenting at the SummerCon conference soon.

How’d they do it? Have a look-see at the video below.


Unfortunately, this means that Bouncer can be avoided, so the Google Play store isn’t as secure as we all thought. Google would be wise to jump on this post haste and solve the vulnerability Miller and Oberheide found; indeed, Oberheide’s blog post noted that he and Miller are already working with the Android security team to solve the problems they found.
0
+ -

Strangely enough, I've found that Microsoft Security Essentials can find some malware in some APK files also. Makes you wonder what Microsoft is up to.

0
+ -

Awesome! the play market definitely needs a "bouncer" hopefully these researchers get a bounty for helping out Google.

Login or Register to Comment
Post a Comment
Username:   Password: