A set of tools from Check Point to analyze malware that threatens Android
Developed by experts from Check Point, CuckooDroid is an open-source toolkit for analyzing malware that threatens the Android system. It automates application analysis, which accelerates malware detection and helps counter threats to mobile devices. The CuckooDroid toolkit is available for free to providers of IT security solutions and developers of mobile applications.
CuckooDroid is an automated tool for emulation and analysis of malware, developed by the Check Point Group of Malicious Software and Vulnerability. Its purpose is to make it faster and easier for providers of IT security solutions and mobile application developers to detect malicious software that threatens the security of Google's Android operating system. The solution is based on the popular open-source Cuckoo Sandbox environment. It significantly reduces the time needed to research malware threatening the Android system and infected applications, and to develop protection against new threats. Thanks to free access to this tool, it will be possible to detect malicious Android applications faster and improve the overall security of mobile devices.
Applications containing malicious software targeting the Android system available on Google Play account for over 95% of all malware on mobile devices. One example of such an infected application is the Durak card game, which was downloaded over 15 million times.
According to Michael Shalyt, team leader in the Check Point Malware Research Department: "The popularity of smartphones and devices with the Android operating system has led to a significant increase in the number of malicious mobile applications targeted against users of the system. We created the CuckooDroid solution to automate the analysis process and to facilitate quick response to threats. As the tool is available for free and is based on open source code, it can be used by IT security solutions providers and mobile application developers around the world, thus limiting the risk of malware to Android."
CuckooDroid uses a number of application analysis techniques and generates detailed reports that accurately describe what the application does after it is launched, including any suspicious operations reminiscent of malware, without the need for manual intervention. The tool can be extensively adapted to individual needs and freely extended using resources provided by a large community of developers.
The capabilities of CuckooDroid were presented at the Black Hat Asia conference by its creators, Idan Revivo and Ofer Caspi from the Check Point Group on Malicious Software and Vulnerability. The source code of the CuckooDroid tool and its full technical documentation are available at: https://github.com/idanr1986/… or on the Check Point company blog.
The Check Point Group on Malicious Software and Vulnerability regularly reviews popular programs and develops new solutions to ensure the safety of Internet users around the world. More information about Check Point research results can be found at http://www.checkpoint.com/thr….
- The use of the open source Cuckoo project to analyze malware
- The official website of the Cuckoo Sandbox project: https://cuckoo.readthedocs.or…