Android Malware Now Exploits Steganography

android logo
Summary: Malware makers are turning to quite sophisticated tricks to disguise the true purpose of rogue applications.

Security firm F-Secure have released details on how Android malware makes use of steganography to hide the control parameters for rogue code.

First, what is steganography? It’s the technique of hiding messages within something else, in this case, an icon file.

F-Secure first suspected that Android malware was making use of steganography when researchers came across this line of code:

android malware

Further digging revealed more code, and it soon became clear that the image file being referenced here was the icon file bundled with the rogue application:

android malware

So what’s this hidden information used for? It’s used to control how and when premium rate SMS messages are sent from the victim’s handset, which, as far as the bad guys are concerned, is the primary purpose of the rogue application.

You’ve got to admit, that’s a pretty clever use of steganography.

No comments: