- Jul 22, 2014
- 2,525
Android malware is evolving, and a clear trend has become visible in the past six months, with several malware strains implementing their malicious behavior via plugin frameworks.
DroidPlugin, Parallel Space, and VirtualApp are the names of several plugin frameworks that have been abused by malware in recent months to spread Android malware, and especially adware.
Plugin frameworks were created to help Android developers
The role of such tools is to extend the Android OS with non-native features. Their primary role is to add support for virtualization, allowing the Android OS to run a virtual machine where another instance of the same app can run.
By default, Android will only run one app instance, a reason why plugin frameworks with support for virtualization, like the ones mentioned above, have been created in the first place.
It's because of plugin frameworks that some social media apps allow users to log into two or more Facebook or WhatsApp accounts at the same time.
Other apps have also used plugin frameworks to support "hot patching," a technique that allows the delivery of app updates from outside the official Google Play Store.
Plugin frameworks increasingly abused to spread malware
.....
DroidPlugin, Parallel Space, and VirtualApp are the names of several plugin frameworks that have been abused by malware in recent months to spread Android malware, and especially adware.
Plugin frameworks were created to help Android developers
The role of such tools is to extend the Android OS with non-native features. Their primary role is to add support for virtualization, allowing the Android OS to run a virtual machine where another instance of the same app can run.
By default, Android will only run one app instance, a reason why plugin frameworks with support for virtualization, like the ones mentioned above, have been created in the first place.
It's because of plugin frameworks that some social media apps allow users to log into two or more Facebook or WhatsApp accounts at the same time.
Other apps have also used plugin frameworks to support "hot patching," a technique that allows the delivery of app updates from outside the official Google Play Store.
Plugin frameworks increasingly abused to spread malware
.....
