Is your phone possessed? Or is it Android Malware?


April 18, 2012 By Tim O'Brien

Hackers aren’t content enough to infect your laptop, they want your phone. There’s an article over on SecurityNewsDaily that talks about some new Android malware that can take over your phone. Here’s the fun quote:

“The new Android malware disguises itself in fully functional copies of apps, including ―Angry Birds Space,∥ and hides its malicious payload in the string of code at the end of an otherwise genuine JPEG file, Lookout said. This rogue code exploits the GingerBreak vulnerability, a flaw that enables it to gain control of the phone and trick the victim into purchasing apps from illegitimate app stores.”

It looks like Android developers need to start paying more attention to security in general now that Android has exceeded 50% market share in the US market. While this vulnerability isn’t something that is directly addressable with Insight at the moment, but it reminds us that we need to start focusing more on mobile. Since Android development is Java-based, you can immediately benefit from downloading Nexus Professional 2.0 today and making sure that all of your application dependencies are free of known vulnerabilities.

Note: This post references our Security Feed. We maintain a feed of security stories relevant to developers which is isolated from our main blog feed. If you are interested in getting the full feed, read it here.