Xuxian Jiang, assistant professor in computer science, in collaboration with Chinese mobile security firm NetQin, uncovered two pieces of malware, GingerRoot and DroidDeluxe, inside the Android mobile operating system.
For all the technophobes out there, Jiang defines malware as “[any] app [that] does something malicious to either compromise the phone—i.e., turning it into a bot—or cause damage to the phone user, leaking personal information or increasing the phone bill without the user’s knowledge.”
GingerRoot, which originated in China, infects the latest Android version, 2.3, while DroidDeluxe is only able to reach phones using Android 2.2. Both disguise themselves within applications that users download, thinking they are legitimate, and the malware is then unleashed within the phone.
Once installed on the phone, the malware is able to do whatever it pleases within the internals of the phone. GingerRoot and DroidDeluxe are able to gain unauthorized root-level access to the phones. Once they have access, they are able to extract any information they desire from the phone and deliver it to a third party, mainly the developers of the malware.
To uncover the two pieces of malware, Jiang and his team used patience and created their own software to sniff out malicious applications.
“We have been crawling and monitoring a few Android-oriented marketplaces and developed a number of tools to spot suspicious apps,” Jiang said. “While we are still in the process of improving our tools and techniques, they are so far rather effective in identifying these malware, ahead of most existing anti-virus software companies.”
Impressive for an assistant professor who has a full slate of teaching in addition to fighting cyber-crime.
The discovery of both pieces of malware is an important one. Now that both have been uncovered, the threat of them spreading globally, and perhaps infecting millions of phones, has been quelled. Xuxian Jiang’s team has made app marketplaces across mobile cyberspace safer for millions of Android users.
“With the discovery of latest threats,” Jiang said, “we can effectively notify anti-virus companies so that they can timely push updates to their anti-virus software to detect and block them.”