Google introduced Android spyware detector, Bouncer with a bang in beginning of this year. It was advertised as a powerful application, which performed the work of different spywares at a given time. However, spyware researchers have disclosed some drawbacks in the application, which reject the claims made by Google. With growing market of cell phone monitoring software, Google should have come up with a more advanced technology than a detector app that allows fingerprinting.
Bouncer needs a push…
Bouncer is software which scans applications to detect any Trojans, spyware and malware in them. It runs through an automated process, detects malicious spyware in cell phones and matches them with the app in which they have been detected. If the presence of effected app is confirmed, it is flagged till the malware is completely deleted. However, spyware researchers have found out that escaping Bouncer’s cleanup process is not difficult for Android spyware. Moreover, this Google spyware can be transferred into cell phones through ordinary apps.
Researchers at work
Researchers of Duo Security, Jon Oberheide and Charlie Miller in a video presentation to SummerCon showed how can Bouncer be dodged by simple malwares and remain undetected in the cell phones. Oberheide explained through the presentation that he studied the working of Bouncer by injecting a fake app into a cell phone.
Tracking Bouncer’s malfunction
Bouncer’s functional behavior can be tracked down by injecting monitoring software for cell phone through fingerprinting. These are those characteristics which are required to track and kill the malicious Android spyware. To explain the procedure in simple terms, researchers found out the way which makes the Android spyware look harmless; hence they can easily skip Bouncer’s scanning system. This allows the malware to damage the cell phone software.
Hackers go on a rampage
DuoSecurity researchers further explained that dodging Bouncer’s functions and messing up with Android software does not require a hacker. Nevertheless, they can still maneuver around their way and escape Google’s spyware in different ways. The easiest way is to create Android spyware that acts like a harmless app, install it in the phone to test the effectiveness of Google’s Android spyware detector. This way hacker can easily dodge the users into believing that nothing is wrong with their Android device. Most importantly this brings into light the ineffectiveness of the Google application, which it boasts off.
Duo Security comes to rescue
Google does not test its apps before they are introduced in the market; unlike Apple which follows the norm of sifting through its apps before they are sent to iTunes Marketplace. Due to Google’s inability to perform tests on its apps, hackers have been given the freedom to maneuver their way in the device. After exposing the glitch in Google’s Android spyware detector, Duo Security will be coordinating with the company to work on making the app fool proof.
After all, there is some hope for Google!
Image via: knowyourcell.com[hr]
This article was written by Jane Andrew on behalf of mobistealth. She provides tips and tricks about android spy and cell phone monitoring software. To find out more cell phone monitoring, please visit website or follow her on Twitter.