The Next Big Thing for Android Malware Is "Plugin Frameworks"

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Android malware is evolving, and a clear trend has become visible in the past six months, with several malware strains implementing their malicious behavior via plugin frameworks.

DroidPlugin, Parallel Space, and VirtualApp are the names of several plugin frameworks that have been abused by malware in recent months to spread Android malware, and especially adware.
Plugin frameworks were created to help Android developers
The role of such tools is to extend the Android OS with non-native features. Their primary role is to add support for virtualization, allowing the Android OS to run a virtual machine where another instance of the same app can run.

By default, Android will only run one app instance, a reason why plugin frameworks with support for virtualization, like the ones mentioned above, have been created in the first place.

It's because of plugin frameworks that some social media apps allow users to log into two or more Facebook or WhatsApp accounts at the same time.

Other apps have also used plugin frameworks to support "hot patching," a technique that allows the delivery of app updates from outside the official Google Play Store.

Plugin frameworks increasingly abused to spread malware
.....
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top