Ability for Androids Protected by Symantec Mobile Security to Directly Submit Suspicious Apps
The number of malicious apps for Android is growing every day. Symantec relies upon our customers to bring new threats to our attention by submitting suspected threat .apk's to Security Response. These are examined by Security Response engineers and then new definitions released against them, if appropriate.
At the present time, it is necessary for Android users to identify the suspicious app, obtain or extract the .apk file for that app, and then submit that .apk file from their computer to Security Response through the web submission portals. Details on this process can be found in:
Best Practice for Suspicious Android Apps
How to Use the Web Submission Process to Submit Suspicious Files
It would be much simpler for Android end users if the SMS 7.x product had the built-in ability to determine the unique hash of the suspicious app and communicate that to Security Response. If there comes a reply that this is an unknown app to Symantec, the SMS 7.x product could then automatically extract the .apk, populate the web submission form using details (Support ID number, etc) supplied from its SMS 7.x server, and submit the file directly to Security Response. This would eliminate the submissions of many apps that are already known to be clean. It would also speed and simplify the process needed to provide protection against new genuine Android threats.