Stephan Huber (Fraunhofer SIT Darmstadt) and Siegfried Rasthofer (TU Darmstadt) discovered a security vulnerability in versions 2.0.0 – 2.0.5 of the security tool AppGuard Pro. A few weeks ago, we informed the vendor Backes SRT who has now fixed the vulnerability in the latest release. The vulnerability gives malicious apps full control of all settings in the AppGuard Pro application. The vulnerability not only allows such apps to bypass any and all of the tool’s security measures, on top of that the malicious apps can even misuse AppGuard Pro to convince the user into perceiving the malicious app as harmless. Users should download the update as soon as possible.
Code analysis tools for taint tracking – statically, dynamically or hybrid – are only as good as the definition of sources and sinks. The tools check if there is a potential flow between a source and a sink and inform the analyst about their findings. We checked different code analysis tools in the area of Android and found out that all tools do only contain a hand-picked amount of sources and sinks. This gave us the motivation to create a novel tool for the fully automated generation of Android sources and sinks.
We wrote a technical report SuSi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks that describes the details of our approach.