Smartphone Malware Evolution Revisited: Android Next Target?


Smartphones started being targets for malware in June 2004 while malware count increased steadily until the introduction of a mandatory application signing mechanism for Symbian OS in 2006. From this point on, only few news could be read on this topic. Even despite new emerging smartphone platforms, e.g. Android and iPhone, malware writers seemed to lose interest in writing malware for smartphones giving users an unappropriate feeling of safety. In this paper, we revisit smartphone malware evolution for completing the appearance list until end of 2008. For contributing to smartphone malware research, we continue this list by adding descriptions on possible techniques for creating the first malware(s) for Android platform. Our approach involves usage of undocumented Android functions enabling us to execute native Linux application even on retail Android devices which can be exploited to create malicious Linux applications and daemons using various methods to attack a device. In this manner, we also show that it is possible to bypass the Android permission system by using native Linux applications.

author = {Aubrey-Derrick Schmidt and Hans-Gunther Schmidt and Leonid Batyuk and Jan Hendrik Clausen and Seyit Ahmet Camtepe and Sahin Albayrak and Can Yildizli},
title = {Smartphone Malware Evolution Revisited: Android Next Target?},
booktitle = {Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009)},
year = {2009},
pages = {1--7},
location = {Montreal, Quebec, Canada},
doi = {10.1109/MALWARE.2009.5403026},
publisher = {IEEE},
Aubrey-Derrick Schmidt, Hans-Gunther Schmidt, Leonid Batyuk, Jan Hendrik Clausen, Seyit Ahmet Camtepe, Sahin Albayrak, Can Yildizli
4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009), Montreal, Quebec, Canada