Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybercriminals use Google Cloud Messaging service to control malware on Android devices

Lucian Constantin | Aug. 15, 2013
Kaspersky Lab researchers identified Android malware threats that receive commands from attackers through the Google Cloud Messaging service.

There isn't currently a large number of malware programs that use GCM, but those that do exist are widespread in some parts of western Europe, the Commonwealth of Independent States (CIS) and Asia, Unuchek said.

GCM seems to be a very cheap and easy instrument for cybercriminals to use, so it's likely the service could be abused to a greater extent in the future unless the bar for cybercriminals is not raised higher through countermeasures, the researcher said.

In addition to disabling developer IDs that are found to abuse the GCM service, it might also be a solution to actively analyze GCM messages for malicious content in a way similar to how intrusion detection systems analyze network traffic, Unuchek said.

Google did not immediately respond to an inquiry asking for information about the methods it uses to prevent malware writers from abusing the GCM service.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.