An experimental malware for smartphones

Android operating system has become one of the platforms developers used to introduce their malicious activities into the smartphone  world through Android Applications (App). Although the Google Play Store implements security countermeasures against Android  malware, these measures have vulnerabilities. A major weakness is that users often accept all requested permissions as mandatory when  installing an application, without understanding the risks. This gives developers the basis to achieve their illicit actions. The aim of the study is to develop a malware application for identification and to exploit vulnerabilities within the android operating system. The  work adopted the object-oriented analysis and design methodology (OOAD). Context diagram was used to represent data flow in the  malware application and Sequence diagram was used to show the interactions between objects in the application and the sequential  order that those interactions occurred. Further, a randomized algorithm was used for the detailed design. The work developed a malware  application that kept track of user tasks but at the background modified contacts list causing inconveniences to the user. The  malware application replaced the contact list with random strings from set of alphanumeric characters. The malware application  simulated a real-world cyber threat, contacts modification, to uncover vulnerabilities that evade detection through conventional security approaches. By exploring this attack vector, the study provided empirical evidence of vulnerabilities that was exploited by the malicious  application developed. This study contributed to the broader field of cyber security research by providing experimental evidence and  insights into the specific vulnerabilities and attack vectors targeting Android operating system.