ID: IRCNE2013081931
Date: 2013-08-20
According to "techworld", android malware has started abusing the Google Cloud Messaging (GCM) normally used to push data to and from legitimate apps as a sneaky command and control channel, Kaspersky Lab has noticed.
Launched by Google in 2012, the free GCM service is now used by most Play Store apps for a variety of tasks including synchronisation, alerting the user, and even exchanging larger messages up to a maximum 4Kb in size.
A more recent update allows it to be used by the Chrome browser to communicate with apps.
It seems that malware writers have noticed GCM’s potential, including some of the most successful rogue apps targeting Android.
“Even though the current number of malicious programs using GCM is still relatively low, some of them are widespread. These programs are prevalent in some countries in Western Europe, the CIS, and Asia.”
- 2