The annual Virus Bulletin International Conference was held this year on 24-26 September, in Seattle, USA. As usual, VB2014 featured presentations from several notable vendors in the anti-threat sphere, describing their recent research and development in the field of IT security. Anti-Malware tools and techniques, botnets, mobile security, network security, spam and hacking were some of the highlighted topics that were contemplated upon.
Every year, K7 Computing shares the knowledge and technical advances made by our R&D teams. This year, Gregory Panakkal, a Senior Software Architect at K7 Computing, who extensively develops the handling of anti-malware components in the K7 security suite, presented on the topic, “Leaving our ZIP undone: how to abuse ZIP to deliver malware apps”. His paper deals with the ZIP format which is employed in Android applications and the possible crafted malformations of the ZIP format that can be used to bypass AV detection, without breaking trust for the Android OS. It discusses the challenges for AV components in handling such scenarios, as well as introducing the concept of the “Chameleon ZIP” which complicates the contextual handling of a crafted amalgamated ZIP package which can be interpreted differently based on the application which opens it.
Gregory’s presentation can be found on the VB website.
Archana Sangili, Content Writer
If you wish to subscribe to our blog, please add the URL provided below to your blog reader: