A set of tools from Check Point to analyze malware that threatens Android

Developed by Check Point experts, the open-source CuckooDroid toolkit for analyzing malware that threatens Android automates application analysis, which speeds up malware detection and helps counter threats to mobile devices. The CuckooDroid toolkit is available free of charge to IT security solution providers and mobile application developers.

CuckooDroid is an automated tool for emulating and analyzing malware, developed by Check Point's Malicious Software and Vulnerability Group. Its purpose is to make it faster and easier for IT security solution providers and mobile application developers to detect malicious software that threatens the security of Google's Android operating system. The solution is based on the popular open-source Cuckoo Sandbox environment. It significantly reduces the time needed to research malware threatening Android and infected applications, and to develop protection against new threats. Because the tool is freely available, it will be possible to detect malicious Android applications faster and improve the overall security of mobile devices.

Applications available on Google Play that contain malware targeting Android account for over 95% of all malware on mobile devices. One example of such an infected application is the Durak card game, which was downloaded over 15 million times.

According to Michael Shalyt, team leader in the Check Point Malware Research Department: "The popularity of smartphones and devices with the Android operating system has led to a significant increase in the number of malicious mobile applications targeted against users of the system. We created the CuckooDroid solution to automate the analysis process and to facilitate quick response to threats. As the tool is available for free and is based on open source code, it can be used by IT security solutions providers and mobile application developers around the world, thus limiting the risk of malware to Android."

CuckooDroid uses a number of application analysis techniques and generates detailed reports that accurately describe what the application does after it is launched, including any suspicious operations reminiscent of malware, without the need for manual intervention. The tool can be extensively adapted to individual needs and freely extended using resources provided by a large developer community.

CuckooDroid's capabilities were presented at the Black Hat Asia conference by its creators, Idan Revivo and Ofer Caspi of Check Point's Malicious Software and Vulnerability Group. The source code of the CuckooDroid tool and its full technical documentation are available at https://github.com/idanr1986/… or on the Check Point Blog.

Check Point's Malicious Software and Vulnerability Group regularly reviews popular programs and develops new solutions to ensure the safety of Internet users around the world. More information about Check Point's research results can be found at http://www.checkpoint.com/thr….


We use the Google Cloud Translation and Gengo APIs to translate articles, with the exception of our comparative tests.