IC3I 2014, IEEE International Conference on Contemporary Computing and Informatics, November 27-29, 2014, Mysore, India
Android is the most widely used operating system which spans variety of smartphones, tablets and wearable devices. Since it is open source, developers can take full advantage of the extensive number of APIs in the framework. But the popularity and openness of the android made it a favorite target of malware authors. This paper focuses on the impact of
some design decisions in framework which contributes in making Android applications vulnerable. A proof of concept SMS malware is presented to analyze the working of most threatening SMS malwares in the wild. This malware sends service messages to telecom operators and incurs charges or transfer of funds. It uses the vulnerability in ordered broadcast intent system to remains stealthy by intercepting and aborting possible
notifications from telecom operators. Countermeasures to mitigate this security leaks are also discussed.
Invited paper in a conference
© 2014 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.