PRODUCTS

SophosLabs researchers see rise in cross-platform mobile malware

People are always looking to save time and money, and hopefully both, with technology. Businesses and consumers love smartphones and computers because they are massively multi-functional, super-fast and efficient. We’ve been doing this for a long time – the spork, that funny looking multi-purpose utensil, dates back to 1874!

More recently, mobile application developers have used cross-platform development tools to increase efficiency in churning out apps that work in all three of the major mobile operating systems – Android, iOS and Windows.

Malware authors are no different. At SophosLabs, we have seen an increase in malicious apps written with cross-platform development tools such as PhoneGap, Titanium, Unity, Xamarin and Cocos2d.

SophosLabs researchers William Lee and Xinran Wu explain in a new research paper – Cross-Platform Mobile Malware: Write Once, Run Everywhere – that security researchers will face greater challenges analyzing and detect these pieces of mobile malware, as cybercriminals increasingly make use of multi-platform tools to hide their malicious code.

Their research demonstrates that malware authors are using cross-platform development tools “to hide their malicious code in HTML files or specific containers loaded by cross-platform frameworks instead of the platform’s native binaries.”

This fascinating research paper (presented earlier this month at the Virus Bulletin International Conference) explores in depth the feasibility of new cross-platform mobile malware and examines the package structures of these malware.

Finally, our researchers suggest a solution for identifying an application’s framework type and writing detection signatures for malware based on those frameworks.

You can check out this paper and other SophosLabs research on our technical papers page.

Υou can read the original article, here.