Most Android malware focuses on stealing private information from system APIs such as contacts and sms. But they can’t steal information from other apps, such as reading your gmail or reading your to-do list stored in a 3rd party app. In addition to that, these malware have to be running either in the foreground or background in order for them to work. I find injecting malicious code into the Android framework code located in framework.jar (root required) can also be an interesting way to build malware. For example, by simply adding a call to log.d() at the beginning of the setText function in TextView class, everything the app (or any app) tries to display on the screen will be logged. Furthermore, because of the keyboard visual effect of showing a small pop-up when you press a key, hooking into setText also gives you the ability to see all the keystrokes. As a result, by adding 1 line of code (3 lines in Dalvik) to setText, we can build a stealthy (no running process) malware that is capable of recording all the text information the user sees across all apps and everything he or she typed into the device.
- About Mepiled higher and deeper
- BlogSome random stuff
- Projectswhere are the exploits
- ReadingBibliotheca de Dantalian