RiskRanker targets third-party Android app market security

Unlike Google Bouncer, which scans only the Play Store, NQ Mobile's new tool is adaptable for any online market for Android apps

NQ Mobile is taking the fight against Android malware to online markets where malicious apps are often disguised as legitimate products or secretly inserted in games.

Rather than attack the problem using traditional antivirus techniques, NQ has introduced a technology that Android app markets could use to continuously scan for malware.

[ Also on InfoWorld: Android susceptible to sophisticated clickjacking malware. | Prevent corporate data leaks with Roger Grimes' "Data Loss Prevention Deep Dive" PDF expert guide, only from InfoWorld. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

The new product, RiskRanker is similar to Google Bouncer, an automated system that looks for known spyware and Trojan horses and also searches for behavior that would indicate malware.

RiskRanker does the same, but is adaptable for use in any Android market. Bouncer works only with the Google Play Store.

The NQ Mobile product analyzes the code within apps to look for instructions that would indicate malicious intent, such as searching for and exploiting vulnerabilities within Android to gain root access in the smartphone.

"To the best of my knowledge, RiskRanker is one of the first in this space to identify new threats without using malware samples," Xuxian Jiang, a consultant for NQ Mobile who helped to lead the development team, said. Jiang is a full-time associate professor at North Carolina State University.

Hackers have exploited the limitations of traditional antivirus technology for years. The software uses signatures taken from samples in known malware in order to identify malicious apps. To get around this strategy, cybercriminals constantly rewrite malware, so that antivirus products can't recognize it.

NQ Mobile claims that in recent trials, RiskRanker scanned more than 100,000 apps from a variety of marketplaces and identified 718 instances of malware, including 322 that were previously unknown.

The new product will be sold to Android markets. In addition, NQ Mobile plans to partner with mobile application management vendors to include RiskRanker as a feature in their software consoles, Kim Titus, senior director of communications, said.

3LM, a wholly owned subsidiary of Motorola Mobility, plans to integrate RiskRanker in its products to provide scanning and blacklisting for its business customers.

NQ Mobile provides a free version of antivirus software for Android smartphones, as well as a premium version. The company also sells cloud-based malware detection called Enterprise Shield, which was introduced in June.

Pricing and general availability of RiskRanker were not disclosed. "NQ Mobile is currently exploring global opportunities," a spokesman said.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

This story, "RiskRanker targets third-party Android app market security" was originally published by CSO.

Copyright © 2012 IDG Communications, Inc.

InfoWorld Technology of the Year Awards 2023. Now open for entries!