Computer security researchers have found that Android smartphone manufacturers are inadvertently incorporating new vulnerabilities into their products when they customize the phones before sale, according to a recent study. On average, the researchers found that 60 percent of the vulnerabilities found in the smartphone models they evaluated were due to such “vendor customizations.” A paper
Mobile security researchers have identified a new vulnerability in popular Android platforms, including Gingerbread, Ice Cream Sandwich and Jelly Bean. The vulnerability has been confirmed by Google, and will be addressed in a future Android release. Specifically, Xuxian Jiang’s research team at NC State has identified an SMS-phishing (“smishing”) vulnerability. If an Android user downloads
Casual online games, such as FarmVille and Fantastic Contraption, have thousands of enthusiastic followers – but the use of automated “bots” to give some players an advantage is short-changing the companies behind the games. Now researchers from NC State have developed a new technique to help companies identify these bots, and take action against them.
Mobile security researchers are announcing a global effort to share data on malware targeting the Android platform, in an effort to improve our ability to defend against such attacks. The Android Malware Genome Project is the brainchild of Xuxian Jiang, a researcher at NC State who has already collected over 1,200 pieces of Android malware.
DroidKungFu is continuing to evolve, with researchers detecting a new generation of the Android malware that incorporates new mechanisms to mask it from users and security software. This is the third version of DroidKungFu to be identified in the past two months. Like the previous generations of DroidKungFu, the latest iteration takes advantage of two