Catalin Cimpanu, writing for BleepingComputer: For the past year, Android malware authors have been increasingly relying on a solid trick for bypassing Google’s security scans and sneaking malicious apps into the official Play Store. The trick relies on the use of a technique that’s quite common in desktop-based malware, but which in the last year is also becoming popular on the Android market. The technique involves the usage of “droppers,” a term denoting a dual or multiple-stage infection process in which the first stage malware is often a simplistic threat with limited capabilities, and its main role is to gain a foothold on a device in order to download more potent threats. But while on desktop environments droppers aren’t particularly efficient, as the widespread use of antivirus software detects them and their second-stage payloads, the technique is quite effective on the mobile scene.
of this story at Slashdot.