(In-)security of smartphone anti-virus and security apps

AuthorHuber, Stephan; Rasthofer, Siegfried
TypeConference Paper, Electronic Publication
AbstractAndroid is by far the most popular operating system for smartphones today. Many people entrust their Android-based phone with highly sensitive data such as business documents and credit card information, or perform critical tasks such as online banking on their devices. To protect their devices against threats from malware or attackers who aim to exploit security vulnerabilities, many users rely on anti-virus and security apps available from renowned vendors. In this paper, we show that those apps contain severe vulnerabilities on their own, and that installing them can even decrease the overall security of the device. We analysed the most frequently downloaded security apps and found that they were vulnerable to remote code execution and malware database downgrades. Some anti-virus scanners could be disabled remotely without the user noticing, or devices could be locked and wiped remotely without proper authentication. We show that, when it comes to the security of their own code, security apps are no better than regular apps.
ConferenceVirus Bulletin International Conference (VB) <26, 2016, Denver/Colo.>
Part26th Virus Bulletin International Conference 2016. Online resource: 5 to 7 October 2016, Denver, Colorado, USA. Denver/Colo., 2016, 49 Folien