New technique allows attackers to hide stealthy Android malware in images

A new technique that allows attackers to hide encrypted malicious Android applications inside images could be used to evade detection by antivirus products and possibly Google Play’s own malware scanner.

The attack was developed by Axelle Apvrille, a researcher at Fortinet, and reverse engineer Ange Albertini, who presented their proof-of-concept at the Black Hat Europe security conference in Amsterdam Thursday.

It’s based on a technique devised by Albertini dubbed AngeCryption that allows controlling both the input and the output of a file encryption operation using the Advanced Encryption Standard (AES) by taking advantage of the properties of some file formats that allow files to remain valid despite having junk data appended to them.

To read this article in full or to leave a comment, please click here

Network World Security