December 22nd, 2011
Mobile security researchers at the firm Viaforensics say they have created a malicious mobile application that requires the phone user to grant no permissions during installation, but could give remote attackers the ability to install and execute malicious code on mobile devices running the Android operating system.
The “No-permission Android App Remote Shell,” as they are calling it, doesn’t take advantage of a security hole in Google’s Android. Rather, it exploits legitimate functionality that has been known about for a number of years, Viaforensics claimed in a blog post.Corporate Information Technologies has successfully implemented Mobile Device Management (MDM) systems to combat such threats.