Pretty neat way to smuggle evil code past Apple, Google app store guards
By Iain Thomson, 3 Mar 2016 at 21:58
RSA 2016 Researchers have shown off a new way to evade the security mechanisms in Android and iOS – by using social networks as command and control servers.
The team, from Israeli security firm Skycure, said Google and Apple have made great strides in keeping malware out of their official software stores by scanning submitted code for malware and bad practices.
Part of the scanning operation checks which backend systems the app contacts. Applications that reach out to suspicious servers are flagged up for further inspection – but contacting Facebook looks legit. So the team created a Facebook profile and posted lines of malicious code. When the innocent-looking app logs onto the social network and downloads the payload, it can execute it on the device.
In effect, it smuggles bad code onto a gadget from a Facebook profile, thus bypassing Google and Apple's app store censors.
It's a very cunning trick, and one that would be very difficult to protect against just by scanning the surface of the app's code. Miscreants are already exploiting this technique, and similar methods, in the wild to bypass Google and Apple's scanning systems, we're told.
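An added example, not from the article or from Skycure: a small static check over strings extracted from an app, showing why a destination-reputation check passes an app that only contacts Facebook, while pairing network access with run-time code loaders still flags it. The allowlist, function names and sample strings are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: domains a destination-reputation check treats as benign.
REPUTABLE = {"facebook.com"}
# Real platform APIs that load code at run time.
DYNAMIC_CODE_APIS = {"dalvik.system.DexClassLoader",
                     "dalvik.system.PathClassLoader", "dlopen"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def hosts_in(strings):
    """Hostnames of every URL found in an app's extracted strings."""
    found = set()
    for s in strings:
        for url in URL_RE.findall(s):
            host = urlparse(url).hostname
            if host:
                found.add(host.lower())
    return found


def is_reputable(host):
    # Match the domain itself or a true subdomain, so that
    # "facebook.com.cdn.example" is not mistaken for Facebook.
    return any(host == d or host.endswith("." + d) for d in REPUTABLE)


def destination_check(strings):
    """Destination-only vetting: return the hosts it would flag."""
    return sorted(h for h in hosts_in(strings) if not is_reputable(h))


def remote_code_check(strings):
    """Flag network access combined with a run-time code loader,
    whatever the reputation of the hosts involved."""
    loaders = sorted(api for api in DYNAMIC_CODE_APIS
                     if any(api in s for s in strings))
    hosts = sorted(hosts_in(strings))
    return {"hosts": hosts, "loaders": loaders} if hosts and loaders else None


# Constructed samples: strings and symbol names a scanner might extract.
SAMPLE_APP = ["https://graph.facebook.com/PLACEHOLDER_PROFILE/feed",
              "dalvik.system.DexClassLoader"]
LOOKALIKE = ["https://facebook.com.cdn.example/update"]
```

A hit from `remote_code_check` is a reason for deeper review rather than a verdict, since legitimate apps also load code dynamically.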