Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Ability for Androids Protected by Symantec Mobile Security to Directly Submit Suspicious Apps

Created: 04 Nov 2013 • Updated: 04 Nov 2013 | 1 comment
Mick2009's picture
6 Agree
0 Disagree
+6 6 Votes
Login to vote

The number of malicious apps for Android is growing every day.  Symantec relies upon our customers to bring new threats to our attention by submitting suspected threat .apk's to Security Response.  These are examined by Security Response engineers and then new definitions released against them, if appropriate.

At the present time, it is necessary for Android users to identify the suspicious app, obtain or extract the .apk file for that app, and then submit that .apk file from their computer to Security Response through the web submission portals. Details on this process can be found in:

Best Practice for Suspicious Android Apps
http://www.symantec.com/docs/TECH200997

How to Use the Web Submission Process to Submit Suspicious Files
http://www.symantec.com/docs/TECH102419

It would be much simpler for Android end users if the SMS 7.x product had the built-in ability to determine the unique hash of the suspicious app and communicate that to Security Response.  If there comes a reply that this is an unknown app to Symantec, the SMS 7.x product could then automatically extract the .apk, populate the web submission form using details (Support ID number, etc) supplied from its SMS 7.x server, and submit the file directly to Security Response.  This would eliminate the submissions of many apps that are already known to be clean.  It would also speed and simplify the process needed to provide protection against new genuine Android threats. 
 

Comments 1 CommentJump to latest comment

JustinM's picture

Thanks MIck,

I have captured this for the Mobile Security PM.

Well written I might add :-D

 

+1
Login to vote