Timothy Armstrong Kaspersky Lab
Denis Maslennikov Kaspersky Lab
download slides (PDF)
The Android operating system is following an explosive growth pattern, and has recently surpassed Apple's iPhone for market share. The growth of the largely uncontrolled Android mobile platform and Android Market presents a new challenge for security practitioners. The market lacks any code review process, and the applications use security certificates created by the developers themselves. Additionally, users have the ability to install applications from untrusted sources simply by disabling security features. With the addition of a new 'feature' for installing applications from a web interface, the Android Market is likely to become the new source for cybercriminals.
But the Android Market is not the only security issue with Android devices. People still can install applications from any source they want: third-party marketplaces and various other websites. As we have already seen, such sources can be used to distribute various types of malicious software. Cybercriminals continue to use various techniques in order to spread malware and infect as many devices as possible - for example, in the case of the FakePlayer trojan.
This presentation will take a look at the dangers associated with the Android Market and how malware may proliferate through the misuse of a fragmented security architecture. We will delve into the basics of the security model and its flaws, some of the malware currently found (both in the Android Market and outside), as well as future threats to expect. We will disclose new details about the evolution of the malware which is already known. Finally, various steps for mitigation will be suggested and discussed.