Over the last years, Google’s Android mobile platform became one of the most popular platforms for both customers and cybercriminals. Earlier this year, company introduced the Bouncer – a system to search for malicious apps or content in the Google Play application marketplace.
Bouncers targets are malicious applications, who behaves suspiciously or has known malware, spyware code, or Trojans. It compares the code to previously analyzed apps. If it finds suspicious behavior on malicious code, the app is flagged to be checked manually for confirmation that it is malware.
However, two New Yorn researchers – Jon Oberheide and Charlie Miller shown, that Bouncer could be bypassed quite easily, and in the long term – that would make a lot of trouble for Google to find the code, which succeeded to bypass protections.
Obeheide has uploaded a screencast to his blog, where their submitted app is handling a connect-back shell so that Bouncers infrastructure can be explored. Nevertheless, Jon points out, that he is confident about Google’s capabilities to fix these issues. He is in touch with the Android security team, and he will continuously work to address the problems that were found.