DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps

silversurfer

Level 75
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,459
A new research published by a group of academics has found that anti-virus programs for Android continue to remain vulnerable against different permutations of malware, in what could pose a serious risk as malicious actors evolve their toolsets to better evade analysis.

"Malware writers use stealthy mutations (morphing/obfuscations) to continuously develop malware clones, thwarting detection by signature based detectors," the researchers said. [PDF] "This attack of clones seriously threatens all the mobile platforms, especially Android."

The findings were published in a study last week by researchers from Adana Science and Technology University, Turkey, and the National University of Science and Technology, Islamabad, Pakistan.

Unlike iOS, apps can be downloaded from third-party sources on Android devices, raising the possibility that unwitting users can install unverified and lookalike apps that clone a legitimate app's functionality but are built to trick targets into downloading apps laced with fraudulent code that are capable of stealing sensitive information.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,024
From that article:

1624296874255.png

Most popular AV's detect it 🤔

Never heard from most that don't detect it...
 
Top