There might not be such a day when a new crop of malicious Android apps turns up in the market. For many times Google removes them from the market and also it uses the “kill switch” to disable the downloaded application from its Andriod device all around the world. Such threats looks same as application. Like the Trojan Horse of legend, they enter your device freely, with your permission. They start doing nasty thing as soon as the application is installed in the device. Some users are shocked that Google can remove stuff from your Android phone remotely. Everyone might be alarmed at the ridiculous ease with which malicious coders can create Trojans for Android.
Technical Director for Security Response, Eric Chien revealed the absurdly simple steps a malefactor uses to create a brand-new Trojan by creating one right in front of the audience. Main thing is that the sample application made by him will never leave the room!
The easy five steps are as follows:
FIRST STEP: Start downloading any one the free application. You may download any of the application but be sure that the application you picked will draw plenty of downloads.
SECOND STEP: The language compilers that create applications on your PC take textual source code and convert it into assembly language that the CPU can read and process. It’s a one way translation. There will be no other way of going from the final executable file back to the source code. Though the Andriod applications are written in Java you can change back them to the original source code using simple, easily-available tools. Decompile your target app.
THIRD STEP: This is tricky method for which you need to obtain Java source code that does something nasty, like sending personal information from the device to a third party. Android.Geinimi is the threat demonstration given by Chien.
FOURTH STEP: It is simple to add the Trojan code. Copy it to the folder containing the existing source code. Make a bit change in the manifest while running the threat before running rest of the application. Edit the permissions to give the Trojanized application free access to the entire device. Change the name of application threat while you are at it.
FIFTH STEP: Compile the modified app and upload it to the market. Finished!
This will really not last in android market but if you want to spread it to the program you’re better off uploading it in China, where there is no official Android market.
